Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(). When display control context (dc->ctx) construction fails (due to memory allocation failure), this pointer remains NULL. During subsequent error handling when dc_destruct() is called, there's no NULL check before dereferencing the perf_trace member (dc->ctx->perf_trace), causing a kernel null pointer dereference crash. [How] Check if dc->ctx is non-NULL before dereferencing. (Updated commit text and removed unnecessary error message) (cherry picked from commit 9dd8e2ba268c636c240a918e0a31e6feaee19404)
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.15, < 6.12.44 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/0961673cc5f0055957aa46f25eb4ef6c07e00165Patch
- https://git.kernel.org/stable/c/1bcf63a44381691d6192872801f830ce3250e367Patch
- https://git.kernel.org/stable/c/4ade995b9b25b3c6e8dc42c27070340f1358d8c8Patch
FAQ
What is CVE-2025-39705?
CVE-2025-39705 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD dis...
How severe is CVE-2025-39705?
CVE-2025-39705 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-39705?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.