CVE-2025-21941

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not null before accessing. This prevents a null pointer dereference. Found by code review. (cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a	Patch
https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743	Patch
https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90	Patch
https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1	Patch
https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca	Patch
https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9	Patch
https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc5::::::

History

10 Apr 2025, 18:06

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.14:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc5:::::: cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a -~~	() https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a - Patch
References	~~() https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743 -~~	() https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743 - Patch
References	~~() https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90 -~~	() https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90 - Patch
References	~~() https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1 -~~	() https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1 - Patch
References	~~() https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca -~~	() https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca - Patch
References	~~() https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9 -~~	() https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9 - Patch
References	~~() https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d -~~	() https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux linux Kernel Linux
CWE		CWE-476

10 Apr 2025, 13:15

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Se corrige la comprobación nula de pipe_ctx->plane_state en resource_build_scaling_params. Un problema de desreferencia de puntero nulo podía ocurrir cuando pipe_ctx->plane_state era nulo. Esta corrección añade una comprobación para garantizar que 'pipe_ctx->plane_state' no fuera nulo antes de acceder. Esto evita una desreferencia de puntero nulo. Encontrado mediante revisión de código. (Seleccionado de el commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)
References		() https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a - () https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d -

01 Apr 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-01 16:15

Updated : 2025-04-10 18:06

NVD link : CVE-2025-21941

Mitre link : CVE-2025-21941

CVE.ORG link : CVE-2025-21941

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10