SB2025072749 - NULL pointer dereference in Linux kernel drm tegra driver
Published: July 27, 2025
Security Bulletin ID
SB2025072749
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38363)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tegra_crtc_reset() function in drivers/gpu/drm/tegra/dc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/31ac2c680a8ac11dc54a5b339a07e138bcedd924
- https://git.kernel.org/stable/c/5ff3636bcc32e1cb747f6f820bcf2bb6990a7d41
- https://git.kernel.org/stable/c/780351a5f61416ed2ba1199cc57e4a076fca644d
- https://git.kernel.org/stable/c/99a25fc7933b88d5e16668bf6ba2d098e1754406
- https://git.kernel.org/stable/c/ab390ab81241cf8bf37c0a0ac2e9c6606bf3e991
- https://git.kernel.org/stable/c/ac4ca634f0c9f227538711d725339293f7047b02
- https://git.kernel.org/stable/c/c7fc459ae6f988e0d5045a270bd600ab08bc61f1