Null Dereference Vulnerability in Linux Kernel Affecting AMD Graphics Hardware
CVE-2025-39707

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-39707?

A vulnerability in the Linux kernel has been identified, affecting the proper initialization of the HUBBUB structure in DCE hardware. This issue can lead to a null dereference when accessing the amdgpu_dm_capabilities file within debugfs. To mitigate this vulnerability, a check has been implemented to verify whether the HUBBUB structure is NULL before proceeding with any operations. Failure to do so may result in system instability or crashes, particularly on systems utilizing AMD graphics hardware. Keeping the Linux kernel updated is essential to safeguard against potential exploitation of this vulnerability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 83cfdc2b018cd9c0f927b781d4e07c0d4a911fac

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 98e92fceb9507901e3e8b550e93b843306abd354

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/83cfdc2b018cd9c0f927b781d...

https://git.kernel.org/stable/c/98e92fceb9507901e3e8b550e...

https://git.kernel.org/stable/c/b4a69f7f29c8a459ad6b4d8a8...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 16, 2025