vulnerability
Debian: CVE-2025-38080: linux -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:N/I:C/A:C) | Jun 18, 2025 | Jun 20, 2025 | Oct 24, 2025 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:C)
Published
Jun 18, 2025
Added
Jun 20, 2025
Modified
Oct 24, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Increase block_sequence array size
[Why]
It's possible to generate more than 50 steps in hwss_build_fast_sequence,
for example with a 6-pipe asic where all pipes are in one MPC chain. This
overflows the block_sequence buffer and corrupts block_sequence_steps,
causing a crash.
[How]
Expand block_sequence to 100 items. A naive upper bound on the possible
number of steps for a 6-pipe asic, ignoring the potential for steps to be
mutually exclusive, is 91 with current code, therefore 100 is sufficient.
Solution
no-fix-debian-deb-package
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.