CVE-2025-38021

drm/amd/display: Fix null check of pipe_ctx->plane_state for update_dchubp_dpp

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check of pipe_ctx->plane_state for update_dchubp_dpp Similar to commit 6a057072ddd1 ("drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe") that addresses a null pointer dereference on dcn20_update_dchubp_dpp. This is the same function hooked for update_dchubp_dpp in dcn401, with the same issue. Fix possible null pointer deference on dcn401_program_pipe too. (cherry picked from commit d8d47f739752227957d8efc0cb894761bfe1d879)

N/A

CVSS

Severity:

EPSS 0.02%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/4679061fb25344d6010ce7b9bebac21c91a0b75a
https://git.kernel.org/stable/c/a3b7e65b6be59e686e163fa1ceb0922f996897c2

Frequently Asked Questions

What is the severity of CVE-2025-38021?: CVE-2025-38021 has not yet been assigned a CVSS score.
How to fix CVE-2025-38021?: To fix CVE-2025-38021, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-38021 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-38021 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-38021?: CVE-2025-38021 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.