Null Pointer Dereference in Linux Kernel's DRM Module Affecting Mediatek Devices
CVE-2025-38240

Currently unrated

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 18 April 2025

Summary

A vulnerability in the Linux kernel's Direct Rendering Manager (DRM) module specifically affects Mediatek devices. The issue arises when the function mtk_dp_wait_hpd_asserted() is invoked before the mtk_dp->drm_dev pointer is properly initialized in the mtk_dp_bridge_attach() function. This flow can lead to a NULL pointer dereference, potentially resulting in application crashes or unexpected behavior. Modifications have been made to change error handling in both mtk_dp_wait_hpd_asserted() and mtk_dp_parse_capabilities() functions. These changes improve the robustness of error messaging and enhance future debugging efforts by including error codes.
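The ordering problem described in the summary, as an added user-space model in C. It is not the kernel driver's code and not the actual patch. Every type and function name is hypothetical, and logging through a device pointer that is valid from probe time is an assumption about the fix, which the summary describes only as changed error handling that includes error codes.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* User-space model; every type and function name below is hypothetical. */
struct model_dev { const char *name; };
struct model_drm { struct model_dev *dev; };

struct model_dp {
    struct model_dev *dev;     /* assumed valid from probe time onward */
    struct model_drm *drm_dev; /* NULL until model_bridge_attach() runs */
    int hpd_asserted;
};

void model_bridge_attach(struct model_dp *dp, struct model_drm *drm)
{
    dp->drm_dev = drm;
}

/* Before: the error path logs through dp->drm_dev. If this runs before
 * attach, dp->drm_dev is NULL and the dereference below faults. */
int wait_hpd_before_fix(struct model_dp *dp, char *log, size_t n)
{
    if (dp->hpd_asserted)
        return 0;
    snprintf(log, n, "[%s] HPD wait failed", dp->drm_dev->dev->name);
    return -ETIMEDOUT;
}

/* After: log through the pointer that is always set, and report the code. */
int wait_hpd_after_fix(struct model_dp *dp, char *log, size_t n)
{
    int ret = dp->hpd_asserted ? 0 : -ETIMEDOUT;

    if (ret)
        snprintf(log, n, "[%s] HPD wait failed: %d", dp->dev->name, ret);
    return ret;
}

int main(void)
{
    struct model_dev dev = { "dp-tx" };       /* constructed sample */
    struct model_dp dp = { &dev, NULL, 0 };   /* not yet attached */
    char log[64] = "";
    int ret = wait_hpd_after_fix(&dp, log, sizeof(log));
    printf("ret=%d log=%s\n", ret, log);
    return ret == -ETIMEDOUT ? 0 : 1;
}
```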

Affected Version(s)

Linux 7eacba9a083be65c0f251c19380ec01147c01ebc < 13ec849fd2eab808ee8eba2625df7ebea3b85edf

Linux 7eacba9a083be65c0f251c19380ec01147c01ebc < 57a9fb47551b33cde7b76d17c0072c3b394f4620

Linux 7eacba9a083be65c0f251c19380ec01147c01ebc < 2fda391ef7a701748abd7fa32232981b522c1e07

Timeline

  • Vulnerability published

  • Vulnerability Reserved
