CVE-2025-38098

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink Don't try to operate on a drm_wb_connector as an amdgpu_dm_connector. While dereferencing aconnector->base will "work" it's wrong and might lead to unknown bad things. Just... don't.

References

https://git.kernel.org/stable/c/cbf4890c6f28fb1ad733e14613fbd33c2004bced

https://git.kernel.org/stable/c/b14e726d57f61085485f107a6203c50a09695abd

https://git.kernel.org/stable/c/18ca68f7c657721583a75cab01f0d0d2ec63a6c9

Details

Source: Mitre, NVD

Published: 2025-07-03

Updated: 2025-07-03

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00017