{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-38254","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:23.997Z","datePublished":"2025-07-09T10:42:32.641Z","dateUpdated":"2026-05-11T21:24:14.565Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:24:14.565Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add sanity checks for drm_edid_raw()\n\nWhen EDID is retrieved via drm_edid_raw(), it doesn't guarantee to\nreturn proper EDID bytes the caller wants: it may be either NULL (that\nleads to an Oops) or with too long bytes over the fixed size raw_edid\narray (that may lead to memory corruption).  The latter was reported\nactually when connected with a bad adapter.\n\nAdd sanity checks for drm_edid_raw() to address the above corner\ncases, and return EDID_BAD_INPUT accordingly.\n\n(cherry picked from commit 648d3f4d209725d51900d6a3ed46b7b600140cdf)"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c"],"versions":[{"version":"48edb2a4256eedf6c92eecf2bc7744e6ecb44b5e","lessThan":"4b63507d7cd243574753c6b91f68516d9103f1de","status":"affected","versionType":"git"},{"version":"48edb2a4256eedf6c92eecf2bc7744e6ecb44b5e","lessThan":"6847b3b6e84ef37451c074e6a8db3fbd250c8dbf","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c"],"versions":[{"version":"6.13","status":"affected"},{"version":"0","lessThan":"6.13","status":"unaffected","versionType":"semver"},{"version":"6.15.5","lessThanOrEqual":"6.15.*","status":"unaffected","versionType":"semver"},{"version":"6.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.15.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4b63507d7cd243574753c6b91f68516d9103f1de"},{"url":"https://git.kernel.org/stable/c/6847b3b6e84ef37451c074e6a8db3fbd250c8dbf"}],"title":"drm/amd/display: Add sanity checks for drm_edid_raw()","x_generator":{"engine":"bippy-1.2.0"}}}}