PT-2025-14366 · Linux+3 · Linux Kernel+3

Published: 2025-02-03 · Updated: 2026-05-26 · CVE-2025-21985

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)
Description

The issue concerns out-of-bounds accesses in the Linux kernel, specifically in the drm/amd/display component. The array hpo_stream_to_link_encoder_mapping has a size of MAX_HPO_DP2_ENCODERS (which is 4), but the location can have a size up to 6, so the location must be checked against MAX_HPO_DP2_ENCODERS. Similarly, disp_cfg_stream_location can be used as an array index, which should range from 0 to 5. The conditions in the ASSERT statements should be adjusted to be strictly less than, without equal.
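The two bounds conditions from the description, as an added C illustration that is not the kernel's own code. The table contents, MAX_STREAM_LOCATIONS and all function names are hypothetical; only the sizes 4 and 6 come from the description.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_HPO_DP2_ENCODERS 4  /* mapping array size, per the description */
#define MAX_STREAM_LOCATIONS 6  /* hypothetical name: locations run 0..5 */

/* Hypothetical stand-in for the 4-entry mapping table (constructed values). */
static const int hpo_map[MAX_HPO_DP2_ENCODERS] = { 10, 11, 12, 13 };

/* Flawed condition: "<=" accepts an index equal to the array size. */
static bool index_ok_flawed(unsigned int idx, unsigned int size)
{
    return idx <= size;
}

/* Corrected condition: strictly less than the array size. */
static bool index_ok_fixed(unsigned int idx, unsigned int size)
{
    return idx < size;
}

/* Guarded lookup: a location may be valid (0..5) yet too large for the table. */
static int lookup_encoder(unsigned int location)
{
    if (!index_ok_fixed(location, MAX_HPO_DP2_ENCODERS))
        return -1;
    return hpo_map[location];
}

/* Count valid locations that a check lets through although they overrun the table. */
static unsigned int count_oob_admitted(bool (*check)(unsigned int, unsigned int))
{
    unsigned int n = 0;
    for (unsigned int loc = 0; loc < MAX_STREAM_LOCATIONS; loc++)
        if (check(loc, MAX_HPO_DP2_ENCODERS) && loc >= MAX_HPO_DP2_ENCODERS)
            n++;
    return n;
}

int main(void)
{
    printf("flawed check admits %u overrunning index(es)\n", count_oob_admitted(index_ok_flawed));
    printf("fixed check admits %u overrunning index(es)\n", count_oob_admitted(index_ok_fixed));
    printf("lookup_encoder(5) = %d\n", lookup_encoder(5));
    return 0;
}
```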
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Out of bounds Read

Improper Validation of Array Index

Weakness Enumeration

Related Identifiers

AZL-62672
BDU:2026-01282
CVE-2025-21985
ECHO-55F9-027B-7F68
OPENSUSE-SU-2025_01614-1
OPENSUSE-SU-2025_01707-1
SUSE-SU-2025:01614-1
SUSE-SU-2025:01707-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:20343-1
SUSE-SU-2025:20344-1
SUSE-SU-2025:20354-1
SUSE-SU-2025:20355-1
SUSE-SU-2025_01614-1
SUSE-SU-2025_01707-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01967-1

Affected Products

Astra Linux
Debian
Linux Kernel
Suse