CVE-2025-38080

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38080

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38080.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-38080

Downstream

BELL-CVE-2025-38080

DEBIAN-CVE-2025-38080

ECHO-78cc-7448-ea0a

OESA-2025-1729

OESA-2025-1730

OESA-2025-1870

SUSE-SU-2025:02249-1

SUSE-SU-2025:02538-1

SUSE-SU-2025:02923-1

UBUNTU-CVE-2025-38080

USN-7769-1

USN-7769-2

USN-7770-1

USN-7771-1

Related

Published

2025-06-18T10:15:41Z

Modified

2025-08-09T19:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Increase block_sequence array size

[Why] It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence buffer and corrupts blocksequencesteps, causing a crash.

[How] Expand block_sequence to 100 items. A naive upper bound on the possible number of steps for a 6-pipe asic, ignoring the potential for steps to be mutually exclusive, is 91 with current code, therefore 100 is sufficient.

References

Affected packages