CVE-2025-38391
Published: Jul 25, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pin_assignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DP_PIN_ASSIGN_F. In this case, calls to pin_assignment_show will cause a BRK exception due to an out of bounds array access. Prevent for loop in pin_assignment_show from accessing invalid values in pin_assignments by adding DP_PIN_ASSIGN_MAX value in typec_dp.h and using i < DP_PIN_ASSIGN_MAX as a loop condition.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 - < c93bc959788ed9a1af7df57cb539837bdf790ceeaffected 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 - < 114a977e0f6bf278e05eade055e13fc271f69cf7affected 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 - < 621d5a3ef0231ab242f2d31eecec40c38ca609c5affected 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 - < 2f535517b5611b7221ed478527e4b58e29536ddfaffected 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 - < 45e9444b3b97eaf51a5024f1fea92f44f39b50c6+3 more versions |
Linux | Linux | affected 4.19unaffected 0 - < 4.19unaffected 5.4.296 - <= 5.4.*unaffected 5.10.240 - <= 5.10.*unaffected 5.15.187 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now