CVE-2025-21780

Published: Feb 27, 2025Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().

Affected (6)

Products: Linux: Linux Kernel

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 6.1.129
Linux Linux Kernel	From 6.13 to 6.13.4
Linux Linux Kernel	From 6.2 to 6.6.79
Linux Linux Kernel	From 6.7 to 6.12.16
Linux Linux Kernel	Version 6.14 rc1
Linux Linux Kernel	Version 6.14 rc2

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

https://git.kernel.org/stable/c/1abb2648698bf10783d2236a6b4a7ca5e8021699

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/231075c5a8ea54f34b7c4794687baa980814e6de

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/2498d2db1d35e88a2060ea191ae75dce853dd084

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/3484ea33157bc7334f57e64826ec5a4bf992151a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/e43a8b9c4d700ffec819c5043a48769b3e7d9cab

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.