CVE-2025-39675

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()

The function mod_hdcp_hdcp1_create_session() calls the function get_first_active_display(), but does not check its return value. The return value is a null pointer if the display list is empty. This will lead to a null pointer dereference.

Add a null pointer check for get_first_active_display() and return MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.

This is similar to the commit c3e9826a2202 ("drm/amd/display: Add null pointer check for get_first_active_display()").

(cherry picked from commit 5e43eb3cd731649c4f8b9134f857be62a416c893)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2deade5ede56581722c0d7672f28b09548dc0fc4 < 2af45aadb7b5d3852c76e2d1e985289ada6f48bfaffected
LinuxLinux2deade5ede56581722c0d7672f28b09548dc0fc4 < ee0373b20bb67b1f00a1b25ccd24c8ac996b6446affected
LinuxLinux2deade5ede56581722c0d7672f28b09548dc0fc4 < 857b8387a9777e42b36e0400be99b54c251eaf9aaffected
LinuxLinux2deade5ede56581722c0d7672f28b09548dc0fc4 < 97fc94c5fd3c6ac5a13e457d38ee247737b8c4bdaffected
LinuxLinux2deade5ede56581722c0d7672f28b09548dc0fc4 < 2ee86b764c54e0d6a5464fb023b630fdf20869cdaffected
LinuxLinux2deade5ede56581722c0d7672f28b09548dc0fc4 < 7a2ca2ea64b1b63c8baa94a8f5deb70b2248d119affected
LinuxLinux5.8affected
LinuxLinux0 < 5.8unaffected
LinuxLinux5.15.190 <= 5.15.*unaffected
LinuxLinux6.1.149 <= 6.1.*unaffected
LinuxLinux6.6.103 <= 6.6.*unaffected
LinuxLinux6.12.44 <= 6.12.*unaffected
LinuxLinux6.16.4 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References