CVE-2025-38098

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink Don't try to operate on a drm_wb_connector as an amdgpu_dm_connector. While dereferencing aconnector->base will "work" it's wrong and might lead to unknown bad things. Just... don't.

References

https://git.kernel.org/stable/c/cbf4890c6f28fb1ad733e14613fbd33c2004bced

https://git.kernel.org/stable/c/b14e726d57f61085485f107a6203c50a09695abd

https://git.kernel.org/stable/c/18ca68f7c657721583a75cab01f0d0d2ec63a6c9

Details

Source: Mitre, NVD

Published: 2025-07-03

Updated: 2025-07-03

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 5.8

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00017