Buffer Overflow Vulnerability in Linux Kernel Affecting AMD Display Drivers
CVE-2025-38080

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 18 June 2025

What is CVE-2025-38080?

A buffer overflow in the Linux kernel's AMD display driver can occur when the hwss_build_fast_sequence function generates more steps than expected. Specifically, on a 6-pipe ASIC where all pipes belong to a single MPC chain, the generated steps can overflow the block_sequence array. The result can be data corruption and potential system crashes. To mitigate this, the block_sequence array has been expanded to 100 items, which accommodates the upper limit of steps that can be generated. Proper handling of such sequences is crucial to maintain system stability and security.
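The bug class described above, as an added user-space example that is not the kernel's code: a sequence builder filling a fixed-size array, with a compile-time check that the worst case fits and a bounds-checked append as a second line of defence. All names and the per-pipe and global step counts are assumptions constructed for illustration; only the 100-item size and the 6-pipe case come from the description.

```c
#include <stddef.h>

#define SEQ_CAPACITY   100  /* array size the description gives for the fix */
#define MAX_PIPES      6    /* 6-pipe ASIC, all pipes in one MPC chain */
#define STEPS_PER_PIPE 14   /* constructed value, not taken from the kernel */
#define GLOBAL_STEPS   4    /* constructed value, not taken from the kernel */

/* Fail the build if the worst case no longer fits the array. */
_Static_assert(GLOBAL_STEPS + MAX_PIPES * STEPS_PER_PIPE <= SEQ_CAPACITY,
               "sequence array too small for worst-case step count");

struct step { int func; int pipe; };  /* hypothetical stand-in for one entry */

struct seq_builder {
    struct step *steps;
    size_t capacity, count;
    int overflowed;                   /* sticky: set once an append is refused */
};

/* Append one step; refuse instead of writing past the end of the array. */
static int seq_append(struct seq_builder *b, int func, int pipe)
{
    if (b->count >= b->capacity) { b->overflowed = 1; return -1; }
    b->steps[b->count++] = (struct step){ func, pipe };
    return 0;
}

/* Upper bound on steps emitted for a chain of `pipes` pipes. */
size_t seq_worst_case(size_t pipes)
{
    return GLOBAL_STEPS + pipes * STEPS_PER_PIPE;
}

/* Build the sequence; returns the step count, or -1 if it did not fit. */
long build_sequence(struct step *out, size_t capacity, size_t pipes)
{
    struct seq_builder b = { out, capacity, 0, 0 };
    for (int g = 0; g < GLOBAL_STEPS; g++)
        seq_append(&b, g, -1);
    for (size_t p = 0; p < pipes; p++)
        for (int f = 0; f < STEPS_PER_PIPE; f++)
            seq_append(&b, GLOBAL_STEPS + f, (int)p);
    return b.overflowed ? -1 : (long)b.count;
}

/* Self-check: an undersized array is rejected and the slot past it is untouched. */
int undersized_buffer_is_safe(void)
{
    struct step buf[41];
    buf[40].func = 0x5A5A;            /* canary just past capacity 40 */
    return build_sequence(buf, 40, MAX_PIPES) == -1 && buf[40].func == 0x5A5A;
}
```

Enlarging the array fixes the overflow only while the worst-case bound holds; the checked append turns any future miscount into an error return instead of memory corruption.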

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
