CVE-2025-38361 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check dce_hwseq before dereferencing it

[WHAT]

hws was checked for null earlier in dce110_blank_stream, indicating hws
can be null, and should be checked whenever it is used.

(cherry picked from commit 79db43611ff61280b6de58ce1305e0b2ecf675ad)

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/b669507b637eb6b1aaecf347f193efccc65d756e
https://git.kernel.org/stable/c/df11bf0ef795b6d415c4d8ee54fa3f2105e75bcb
https://git.kernel.org/stable/c/e881b82f5d3d8d54d168cd276169f0fee01bf0e7
https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38361-3f11@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-38361
https://www.cve.org/CVERecord?id=CVE-2025-38361

History

Tue, 29 Jul 2025 12:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38361-3f11@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-38361 https://www.cve.org/CVERecord?id=CVE-2025-38361
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Mon, 28 Jul 2025 13:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Fri, 25 Jul 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dce_hwseq before dereferencing it [WHAT] hws was checked for null earlier in dce110_blank_stream, indicating hws can be null, and should be checked whenever it is used. (cherry picked from commit 79db43611ff61280b6de58ce1305e0b2ecf675ad)
Title		drm/amd/display: Check dce_hwseq before dereferencing it
References		https://git.kernel.org/stable/c/b669507b637eb6b1aaecf347f193efccc65d756e https://git.kernel.org/stable/c/df11bf0ef795b6d415c4d8ee54fa3f2105e75bcb https://git.kernel.org/stable/c/e881b82f5d3d8d54d168cd276169f0fee01bf0e7

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-07-25T12:47:32.234Z

Updated: 2025-07-28T11:16:47.999Z

Reserved: 2025-04-16T04:51:24.008Z

Link: CVE-2025-38361

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-07-25T13:15:24.903

Modified: 2025-07-25T15:29:19.837

Link: CVE-2025-38361

Redhat

Severity : Moderate

Publid Date: 2025-07-25T00:00:00Z

Links: CVE-2025-38361 - Bugzilla

OpenCVE Enrichment

Updated: 2025-07-28T12:45:57Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object