CVE-2025-38597
Published: Aug 19, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port Each window of a vop2 is usable by a specific set of video ports, so while binding the vop2, we look through the list of available windows trying to find one designated as primary-plane and usable by that specific port. The code later wants to use drm_crtc_init_with_planes with that found primary plane, but nothing has checked so far if a primary plane was actually found. For whatever reason, the rk3576 vp2 does not have a usable primary window (if vp0 is also in use) which brought the issue to light and ended in a null-pointer dereference further down. As we expect a primary-plane to exist for a video-port, add a check at the end of the window-iteration and fail probing if none was found.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 604be85547ce4d61b89292d2f9a78c721b778c16 - < e1eef239399927b368f70a716044fb10085627c8affected 604be85547ce4d61b89292d2f9a78c721b778c16 - < 38682edbbad272b5f8c7bf55128b42cd10626f73affected 604be85547ce4d61b89292d2f9a78c721b778c16 - < f9f68bf1d0efeadb6c427c9dbb30f307a7def19b |
Linux | Linux | affected 5.19unaffected 0 - < 5.19unaffected 6.15.10 - <= 6.15.*unaffected 6.16.1 - <= 6.16.*unaffected 6.17 - <= * |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now