Null Pointer Dereference in Linux Kernel Affecting AMD Graphics Drivers
CVE-2025-38705

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-38705?

A vulnerability in the Linux kernel related to AMD graphics drivers has been identified, which allows for a null pointer dereference. This issue can occur when writing a string without suitable delimiters to the gpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile. An improperly formatted string can lead to unpredictable behavior and system instability. Appropriate measures should be taken to ensure proper input validation to avoid exploitation of this flaw.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5d8cc029e5595760c7d18c64632e8e40a86a9b2e

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/a83ffafd02a7af59848755c10...

https://git.kernel.org/stable/c/5d8cc029e5595760c7d18c646...

https://git.kernel.org/stable/c/cef79c18538e9ce2ca6e5b3fa...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Apr 16, 2025