Medium severity5.5NVD Advisory· Published Jul 9, 2025· Updated Jun 17, 2026
CVE-2025-38254
CVE-2025-38254
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add sanity checks for drm_edid_raw()
When EDID is retrieved via drm_edid_raw(), it doesn't guarantee to return proper EDID bytes the caller wants: it may be either NULL (that leads to an Oops) or with too long bytes over the fixed size raw_edid array (that may lead to memory corruption). The latter was reported actually when connected with a bad adapter.
Add sanity checks for drm_edid_raw() to address the above corner cases, and return EDID_BAD_INPUT accordingly.
(cherry picked from commit 648d3f4d209725d51900d6a3ed46b7b600140cdf)
Affected products
3Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.