Memory Corruption Vulnerability in Linux Kernel Affecting AMD Display Drivers
CVE-2025-38254
Currently unrated
What is CVE-2025-38254?
A vulnerability exists in the AMD display drivers within the Linux kernel that can lead to memory corruption due to improper handling of EDID data when retrieved via drm_edid_raw(). In scenarios where a faulty adapter is connected, the function may return NULL or data that exceeds the predefined buffer size, potentially causing system instability. Sanity checks have been introduced in the latest kernel updates to ensure the stability and security of the display drivers by validating the returned EDID content.
Affected Version(s)
Linux 48edb2a4256eedf6c92eecf2bc7744e6ecb44b5e < 4b63507d7cd243574753c6b91f68516d9103f1de
Linux 48edb2a4256eedf6c92eecf2bc7744e6ecb44b5e < 6847b3b6e84ef37451c074e6a8db3fbd250c8dbf
Linux 6.13