#VU112764 NULL pointer dereference in Linux kernel - CVE-2025-38319
Published: July 11, 2025
Vulnerability identifier: #VU112764
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-38319
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() functions in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/64f3acc8c7e6809631457b75638601b36dea3129
- https://git.kernel.org/stable/c/7080c20a9139842033ed4af604dc1fa4028593ad
- https://git.kernel.org/stable/c/820116a39f96bdc7d426c33a804b52f53700a919
- https://git.kernel.org/stable/c/85cdcb834fb490731ff2d123f87ca799c57dacf2
- https://git.kernel.org/stable/c/a4ff7391c8b75b1541900bd9d0c238e558c11fb3
- https://git.kernel.org/stable/c/cdf7e1ff99ab06ef15d0b5d1aca5258a4fb62b85