Linux Kernel Vulnerability in AMD GPU Display Functionality
CVE-2025-39906

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39906?

A vulnerability in the Linux kernel pertains to AMD GPU's display functionality, where unbinding the GPU fails to deregister the OEM I2C adapter. This oversight can lead to a null pointer dereference when applications attempt to access an invalid device, causing potential application crashes or instability. The issue is resolved in updates that ensure proper management of I2C adapter registration upon GPU unbinding.

Affected Version(s)

Linux 3d5470c973149f479572dcf4eea064775041ea6c

Linux 3d5470c973149f479572dcf4eea064775041ea6c < 1dfd2864a1c4909147663e5a27c055f50f7c2796

Linux 6.15

References

https://git.kernel.org/stable/c/c686124bcf06253620790857f...

https://git.kernel.org/stable/c/1dfd2864a1c4909147663e5a2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON