Null Pointer Dereference in AMD Display Driver for Linux Kernel
CVE-2025-39705

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-39705?

A vulnerability in the AMD display driver's cleanup function, dc_destruct(), can lead to a null pointer dereference. When the construction of the display control context fails due to memory allocation issues, the resulting NULL pointer can cause instability. Upon subsequent error handling when dc_destruct() is executed, lack of a proper NULL check before dereferencing the perf_trace member leads to crashes. This vulnerability highlights the importance of thorough error handling to prevent system crashes and maintain kernel stability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0961673cc5f0055957aa46f25eb4ef6c07e00165

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4ade995b9b25b3c6e8dc42c27070340f1358d8c8

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1bcf63a44381691d6192872801f830ce3250e367

References

https://git.kernel.org/stable/c/0961673cc5f0055957aa46f25...

https://git.kernel.org/stable/c/4ade995b9b25b3c6e8dc42c27...

https://git.kernel.org/stable/c/1bcf63a44381691d619287280...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 16, 2025