CVE-2025-38080

{"id": "CVE-2025-38080", "cveTags": [], "metrics": {}, "published": "2025-06-18T10:15:41.647", "references": [{"url": "https://git.kernel.org/stable/c/3a7810c212bcf2f722671dadf4b23ff70a7d23ee", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bf1666072e7482317cf2302621766482a21a62c7", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/de67e80ab48f1f23663831007a2fa3c1471a7757", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e55c5704b12eeea27e212bfab8f7e51ad3e8ac1f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt's possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient."}], "lastModified": "2025-06-18T13:46:52.973", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}