CVE-2025-40360

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plane->state to NULL. v2: - fix typo in commit description (Javier)

References

https://git.kernel.org/stable/c/c7d5e69866bbe95c1e4ab4c10a81e0a02d9ea232

https://git.kernel.org/stable/c/c4faf7f417eea8b8d5cc570a1015736f307aa2d5

https://git.kernel.org/stable/c/b61ed8005bd3102510fab5015ac6a275c9c5ea16

https://git.kernel.org/stable/c/6bdef5648a60e49d4a3b02461ab7ae3776877e77

https://git.kernel.org/stable/c/6abeff03cb79a2c7f4554a8e8738acd35bb37152

https://git.kernel.org/stable/c/14e02ed3876f4ab0ed6d3f41972175f8b8df3d70

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024