CVE-2025-21941 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not null before accessing. This prevents a null pointer dereference. Found by code review. (cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc5::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a
https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743
https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90
https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1
https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca
https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9
https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d
https://lore.kernel.org/linux-cve-announce/2025040135-CVE-2025-21941-8240@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-21941
https://www.cve.org/CVERecord?id=CVE-2025-21941

History

Mon, 21 Apr 2025 02:45:00 +0000

Type	Values Removed	Values Added
Metrics	threat_severity `Low`	threat_severity `Moderate`

Thu, 10 Apr 2025 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-476
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.14:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc5::::::
Vendors & Products		Linux Linux linux Kernel

Thu, 10 Apr 2025 13:15:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d

Wed, 02 Apr 2025 14:00:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025040135-CVE-2025-21941-8240@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-21941 https://www.cve.org/CVERecord?id=CVE-2025-21941
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Tue, 01 Apr 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not null before accessing. This prevents a null pointer dereference. Found by code review. (cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)
Title		drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params
References		https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743 https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90 https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1 https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-04-01T15:41:06.489Z

Updated: 2025-05-04T07:25:13.330Z

Reserved: 2024-12-29T08:45:45.789Z

Link: CVE-2025-21941

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2025-04-01T16:15:24.983

Modified: 2025-04-10T18:06:13.530

Link: CVE-2025-21941

Redhat

Severity : Moderate

Publid Date: 2025-04-01T00:00:00Z

Links: CVE-2025-21941 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-21941", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-29T08:45:45.789Z", "datePublished": "2025-04-01T15:41:06.489Z", "dateUpdated": "2025-05-04T07:25:13.330Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:25:13.330Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx->plane_state\nis null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/core/dc_resource.c"], "versions": [{"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "265422915416468ba91bffa56addbff45e18342a", "status": "affected", "versionType": "git"}, {"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "f435192e00bc4d5d4134356b93212670ec47fa8d", "status": "affected", "versionType": "git"}, {"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "c1e54752dc12e90305eb0475ca908f42f5b369ca", "status": "affected", "versionType": "git"}, {"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "3b3c2be58d5275aa59d8b4810a59f173f2f5bac1", "status": "affected", "versionType": "git"}, {"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "e0345c3478f185ca840daac7f08a1fcd4ebec3e9", "status": "affected", "versionType": "git"}, {"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "3748fad09d89e9a5290e1738fd6872a79f794743", "status": "affected", "versionType": "git"}, {"version": "3be5262e353b8ab97c528bfc7d0dd3c820e4ba27", "lessThan": "374c9faac5a763a05bc3f68ad9f73dab3c6aec90", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/core/dc_resource.c"], "versions": [{"version": "4.15", "status": "affected"}, {"version": "0", "lessThan": "4.15", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.236", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.180", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.131", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.83", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.19", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13.7", "lessThanOrEqual": "6.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.10.236"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.15.180"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.1.131"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.6.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.12.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.13.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.14"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a"}, {"url": "https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d"}, {"url": "https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca"}, {"url": "https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1"}, {"url": "https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9"}, {"url": "https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743"}, {"url": "https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90"}], "title": "drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params", "x_generator": {"engine": "bippy-1.2.0"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "04AA862F-EA9F-4178-A191-0A19D776E0E5", "versionEndExcluding": "5.10.236", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D19801C8-3D18-405D-9989-E6C9B30255FA", "versionEndExcluding": "5.15.180", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA9C2DE3-D37C-46C6-8DCD-2EE509456E0B", "versionEndExcluding": "6.1.131", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D9F642F-6E05-4926-B0FE-62F95B7266BC", "versionEndExcluding": "6.6.83", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "32865E5C-8AE1-4D3D-A64D-299039694A88", "versionEndExcluding": "6.12.19", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "842F5A44-3E71-4546-B4FD-43B0ACE3F32B", "versionEndExcluding": "6.13.7", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*", "matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*", "matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*", "matchCriteriaId": "66619FB8-0AAF-4166-B2CF-67B24143261D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*", "matchCriteriaId": "D3D6550E-6679-4560-902D-AF52DCFE905B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*", "matchCriteriaId": "45B90F6B-BEC7-4D4E-883A-9DBADE021750", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx->plane_state\nis null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Se corrige la comprobaci\u00f3n nula de pipe_ctx->plane_state en resource_build_scaling_params. Un problema de desreferencia de puntero nulo pod\u00eda ocurrir cuando pipe_ctx->plane_state era nulo. Esta correcci\u00f3n a\u00f1ade una comprobaci\u00f3n para garantizar que 'pipe_ctx->plane_state' no fuera nulo antes de acceder. Esto evita una desreferencia de puntero nulo. Encontrado mediante revisi\u00f3n de c\u00f3digo. (Seleccionado de el commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)"}], "id": "CVE-2025-21941", "lastModified": "2025-04-10T18:06:13.530", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-04-01T16:15:24.983", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params", "id": "2356604", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356604"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params\nNull pointer dereference issue could occur when pipe_ctx->plane_state\nis null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not\nnull before accessing. This prevents a null pointer dereference.\nFound by code review.\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)"], "name": "CVE-2025-21941", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-04-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-21941\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21941\nhttps://lore.kernel.org/linux-cve-announce/2025040135-CVE-2025-21941-8240@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object