CVE-2025-37870

drm/amd/display: prevent hang on link training fail

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: prevent hang on link training fail [Why] When link training fails, the phy clock will be disabled. However, in enable_streams, it is assumed that link training succeeded and the mux selects the phy clock, causing a hang when a register write is made. [How] When enable_stream is hit, check if link training failed. If it did, fall back to the ref clock to avoid a hang and keep the system in a recoverable state.

N/A

CVSS

Severity:

EPSS 0.02%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/0363c03672cd3191f037905bf981eb523a3b71b1
https://git.kernel.org/stable/c/04bf4f2a497e9877c425c5124652e61fb8a1a0aa
https://git.kernel.org/stable/c/8058061ed9d6bc259d1e678607b07d259342c08f

Frequently Asked Questions

What is the severity of CVE-2025-37870?: CVE-2025-37870 has not yet been assigned a CVSS score.
How to fix CVE-2025-37870?: To fix CVE-2025-37870, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37870 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-37870 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37870?: CVE-2025-37870 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.