CVE-2025-38360

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees [WHY] For non-zero DSC instances it's possible that the HUBP domain required to drive it for sequential ONO ASICs isn't met, potentially causing the logic to the tile to enter an undefined state leading to a system hang. [HOW] Add more checks to ensure that the HUBP domain matching the DSC instance is appropriately powered. (cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0d57dd1765d311111d9885346108c4deeae1deb4	Patch
https://git.kernel.org/stable/c/3f4e601bc6765e4ff5f42cc2d00993c86b367f7e	Patch
https://git.kernel.org/stable/c/646442758910d13f9afc57f38bc0a537c3575390	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc2::::::

History

18 Nov 2025, 20:32

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		NVD-CWE-noinfo
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.16:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.16:rc1::::::
References	~~() https://git.kernel.org/stable/c/0d57dd1765d311111d9885346108c4deeae1deb4 -~~	() https://git.kernel.org/stable/c/0d57dd1765d311111d9885346108c4deeae1deb4 - Patch
References	~~() https://git.kernel.org/stable/c/3f4e601bc6765e4ff5f42cc2d00993c86b367f7e -~~	() https://git.kernel.org/stable/c/3f4e601bc6765e4ff5f42cc2d00993c86b367f7e - Patch
References	~~() https://git.kernel.org/stable/c/646442758910d13f9afc57f38bc0a537c3575390 -~~	() https://git.kernel.org/stable/c/646442758910d13f9afc57f38bc0a537c3575390 - Patch

Information

Published : 2025-07-25 13:15

Updated : 2025-11-18 20:32

NVD link : CVE-2025-38360

Mitre link : CVE-2025-38360

CVE.ORG link : CVE-2025-38360

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2025-38360", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-07-25T13:15:24.797", "references": [{"url": "https://git.kernel.org/stable/c/0d57dd1765d311111d9885346108c4deeae1deb4", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3f4e601bc6765e4ff5f42cc2d00993c86b367f7e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/646442758910d13f9afc57f38bc0a537c3575390", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it's possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn't met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Se han a\u00f1adido m\u00e1s comprobaciones para las garant\u00edas de DSC/HUBP ONO [WHY] En instancias DSC con valores distintos de cero, es posible que no se cumpla el dominio HUBP necesario para controlarlas en ASIC ONO secuenciales, lo que podr\u00eda provocar que la l\u00f3gica del mosaico entre en un estado indefinido y provoque un bloqueo del sistema. [HOW] Se han a\u00f1adido m\u00e1s comprobaciones para garantizar que el dominio HUBP correspondiente a la instancia DSC reciba la alimentaci\u00f3n adecuada. (Seleccionado del commit da63df07112e5a9857a8d2aaa04255c4206754ec)"}], "lastModified": "2025-11-18T20:32:19.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B4159AA-C70D-4DE5-9EE2-8F2728F13C5D", "versionEndExcluding": "6.12.37", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CC768E2-3BBC-4A6E-9C2F-ECB27A703C2D", "versionEndExcluding": "6.15.5", "versionStartIncluding": "6.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D4894DB-CCFE-4602-B1BF-3960B2E19A01"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09709862-E348-4378-8632-5A7813EDDC86"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}