CVE-2025-21985

Published: Apr 1, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses [WHAT & HOW] hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4), but location can have size up to 6. As a result, it is necessary to check location against MAX_HPO_DP2_ENCODERS. Similiarly, disp_cfg_stream_location can be used as an array index which should be 0..5, so the ASSERT's conditions should be less without equal.

Vendor	Product	Versions
Linux	Linux	affected `4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - < 36793d90d76f667d26c6dd025571481ee0c96abc` affected `4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - < 9aedc776b11038f04f4641241bb7e877781e4aa4` affected `4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - < 8adbb2a98b00926315fd513b5fe2596b5716b82d`
Linux	Linux	affected `4.15` unaffected `0 - < 4.15` unaffected `6.12.20 - <= 6.12.` unaffected `6.13.8 - <= 6.13.` unaffected `6.14 - <= *`

References

https://git.kernel.org/stable/c/36793d90d76f667d26c6dd025571481ee0c96abc

https://git.kernel.org/stable/c/9aedc776b11038f04f4641241bb7e877781e4aa4

https://git.kernel.org/stable/c/8adbb2a98b00926315fd513b5fe2596b5716b82d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21985

Description

Affected Products

References