CVE-2025-38362
MEDIUMLinux Kernel 5.8-6.15.4 - Null Pointer Dereference in mod_hdcp_hdcp1_enable_encryption
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the function get_first_active_display(), but does not check its return value. The return value is a null pointer if the display list is empty. This will lead to a null pointer dereference in mod_hdcp_hdcp2_enable_encryption(). Add a null pointer check for get_first_active_display() and return MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.
References (7)
Core 7
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
12.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (21)
debian/debian_linux
11.0
linux/Kernel
5.16.0 - 6.1.143linux
linux/Kernel
5.8.0 - 5.15.187linux
linux/Kernel
6.13.0 - 6.15.5linux
linux/Kernel
6.2.0 - 6.6.96linux
linux/Kernel
6.7.0 - 6.12.36linux
Linux/Linux
< 5.8
Linux/Linux
2deade5ede56581722c0d7672f28b09548dc0fc4 - 1ebcdf38887949def1a553ff3e45c98ed95a3cd0
Linux/Linux
2deade5ede56581722c0d7672f28b09548dc0fc4 - 34d3e10ab905f06445f8dbd8a3d9697095e71bae
Linux/Linux
2deade5ede56581722c0d7672f28b09548dc0fc4 - 4ce9f2dc9ff7cc410e8c5d936ec551e26b9599a9
... and 11 more
Published
Jul 25, 2025
Tracked Since
Feb 18, 2026