SB2025102142 - NULL pointer dereference in Linux kernel drm gma500 driver
Published: October 21, 2025
Security Bulletin ID
SB2025102142
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-40011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the oaktrail_hdmi_teardown() function in drivers/gpu/drm/gma500/oaktrail_hdmi.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/02e4ff4941efb9bbb40d8d5b61efa1a4119b1ba7
- https://git.kernel.org/stable/c/0fc650fa475b50c1da8236c5e900b9460c7027bc
- https://git.kernel.org/stable/c/352e66900cde63f3dadb142364d3c35170bbaaff
- https://git.kernel.org/stable/c/4bbfd1b290857b9d14ea9d91562bde55ff2bc85e
- https://git.kernel.org/stable/c/6ffa6b5bc861a3ea9dfcdc007f002b4a347c24ba
- https://git.kernel.org/stable/c/70b0c11483d3b90b2d0f416026e475e084a77e62
- https://git.kernel.org/stable/c/e15de80737d444ed743b1c60ced4a3a97913169b
- https://git.kernel.org/stable/c/f800f7054d2cf28b51296c7c575da27c29e3859b