PT-2025-27635 · Linux+5 · Linux Kernel+5

Published

2025-04-29

Updated

2026-05-26

CVE-2025-38091

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version that includes the fix for the issue described

Description: The issue is related to a false positive warning in the Linux kernel, specifically in the drm/amd/display component. This warning occurs due to a lack of correct checks when querying plane id in DML21, and it is triggered during a mode1 reset. The warning is associated with the dml2 map dc pipes function.

Recommendations: As a temporary workaround, consider disabling the dml2 map dc pipes function until a patch is available. Update to a version of the Linux kernel that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-11766

CVE-2025-38091

ECHO-1E3B-DC0E-52E3

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:02853-1

SUSE-SU-2025:02997-1

SUSE-SU-2025:03011-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025_02853-1

SUSE-SU-2025_02997-1

SUSE-SU-2025_03011-1

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7789-1

USN-7789-2

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2025-27635 · Linux+5 · Linux Kernel+5

CVE-2025-38091

Weakness Enumeration

Related Identifiers

Affected Products

References · 1638