Main Vulnerability Database SB2025052174

SB2025052174 - Buffer overflow in Linux kernel dc dml2 driver

Published: May 21, 2025

Security Bulletin ID SB2025052174

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2025-37965)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the populate_dml_surface_cfg_from_plane_state(), get_scaler_data_for_plane() and populate_dml_plane_cfg_from_plane_state() functions in drivers/gpu/drm/amd/display/dc/dml2/dml2_translation_helper.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/9984db63742099ee3f3cff35cf71306d10e64356
https://git.kernel.org/stable/c/b371f8f6d89ec8dfea796e00a44a57c44fc8fcc0
https://git.kernel.org/stable/c/d8c4afe78385cd355e4d80299d785379d6e874df