CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-37965: drm/amd/display: Fix invalid context error in dml helper

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix invalid context error in dml helper

[Why]
"BUG: sleeping function called from invalid context" error.
after:
"drm/amd/display: Protect FPU in dml2_validate()/dml21_validate()"

The populate_dml_plane_cfg_from_plane_state() uses the GFP_KERNEL flag
for memory allocation, which shouldn't be used in atomic contexts.

The allocation is needed only for using another helper function
get_scaler_data_for_plane().

[How]
Modify helpers to pass a pointer to scaler_data within existing context,
eliminating the need for dynamic memory allocation/deallocation
and copying.

(cherry picked from commit bd3e84bc98f81b44f2c43936bdadc3241d654259)

Classification

CVE ID: CVE-2025-37965

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 4.26% (scored less or equal to compared to others)

EPSS Date: 2025-06-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37965
https://git.kernel.org/stable/c/d8c4afe78385cd355e4d80299d785379d6e874df
https://git.kernel.org/stable/c/b371f8f6d89ec8dfea796e00a44a57c44fc8fcc0
https://git.kernel.org/stable/c/9984db63742099ee3f3cff35cf71306d10e64356

Timeline

2025-05-20 17:40:22 UTC
CVE

drm/amd/display: Fix invalid context error in dml helper