{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38360", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.007Z", "datePublished": "2025-07-25T12:47:31.397Z", "dateUpdated": "2025-07-28T11:16:46.594Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-28T11:16:46.594Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it's possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn't met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c"], "versions": [{"version": "6f8b7565cca4b745da54b7d5f26b7b9265a5f330", "lessThan": "646442758910d13f9afc57f38bc0a537c3575390", "status": "affected", "versionType": "git"}, {"version": "6f8b7565cca4b745da54b7d5f26b7b9265a5f330", "lessThan": "3f4e601bc6765e4ff5f42cc2d00993c86b367f7e", "status": "affected", "versionType": "git"}, {"version": "6f8b7565cca4b745da54b7d5f26b7b9265a5f330", "lessThan": "0d57dd1765d311111d9885346108c4deeae1deb4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/hwss/dcn35/dcn35_hwseq.c"], "versions": [{"version": "6.7", "status": "affected"}, {"version": "0", "lessThan": "6.7", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.37", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.5", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.12.37"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.15.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/646442758910d13f9afc57f38bc0a537c3575390"}, {"url": "https://git.kernel.org/stable/c/3f4e601bc6765e4ff5f42cc2d00993c86b367f7e"}, {"url": "https://git.kernel.org/stable/c/0d57dd1765d311111d9885346108c4deeae1deb4"}], "title": "drm/amd/display: Add more checks for DSC / HUBP ONO guarantees", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B4159AA-C70D-4DE5-9EE2-8F2728F13C5D", "versionEndExcluding": "6.12.37", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CC768E2-3BBC-4A6E-9C2F-ECB27A703C2D", "versionEndExcluding": "6.15.5", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*", "matchCriteriaId": "6D4894DB-CCFE-4602-B1BF-3960B2E19A01", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*", "matchCriteriaId": "09709862-E348-4378-8632-5A7813EDDC86", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it's possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn't met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Se han a\u00f1adido m\u00e1s comprobaciones para las garant\u00edas de DSC/HUBP ONO [WHY] En instancias DSC con valores distintos de cero, es posible que no se cumpla el dominio HUBP necesario para controlarlas en ASIC ONO secuenciales, lo que podr\u00eda provocar que la l\u00f3gica del mosaico entre en un estado indefinido y provoque un bloqueo del sistema. [HOW] Se han a\u00f1adido m\u00e1s comprobaciones para garantizar que el dominio HUBP correspondiente a la instancia DSC reciba la alimentaci\u00f3n adecuada. (Seleccionado del commit da63df07112e5a9857a8d2aaa04255c4206754ec)"}], "id": "CVE-2025-38360", "lastModified": "2025-11-18T20:32:19.577", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-25T13:15:24.797", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0d57dd1765d311111d9885346108c4deeae1deb4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3f4e601bc6765e4ff5f42cc2d00993c86b367f7e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/646442758910d13f9afc57f38bc0a537c3575390"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees", "id": "2383422", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383422"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n[WHY]\nFor non-zero DSC instances it's possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn't met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)"], "name": "CVE-2025-38360", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38360\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38360\nhttps://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38360-1f17@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-28T12:45:54.977178+00:00", "updated": "2025-07-28T12:45:54.977259+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}