{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-38597", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.028Z", "datePublished": "2025-08-19T17:03:32.380Z", "dateUpdated": "2026-05-11T21:31:19.733Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:31:19.733Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port\n\nEach window of a vop2 is usable by a specific set of video ports, so while\nbinding the vop2, we look through the list of available windows trying to\nfind one designated as primary-plane and usable by that specific port.\n\nThe code later wants to use drm_crtc_init_with_planes with that found\nprimary plane, but nothing has checked so far if a primary plane was\nactually found.\n\nFor whatever reason, the rk3576 vp2 does not have a usable primary window\n(if vp0 is also in use) which brought the issue to light and ended in a\nnull-pointer dereference further down.\n\nAs we expect a primary-plane to exist for a video-port, add a check at\nthe end of the window-iteration and fail probing if none was found."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/rockchip/rockchip_drm_vop2.c"], "versions": [{"version": "604be85547ce4d61b89292d2f9a78c721b778c16", "lessThan": "e1eef239399927b368f70a716044fb10085627c8", "status": "affected", "versionType": "git"}, {"version": "604be85547ce4d61b89292d2f9a78c721b778c16", "lessThan": "38682edbbad272b5f8c7bf55128b42cd10626f73", "status": "affected", "versionType": "git"}, {"version": "604be85547ce4d61b89292d2f9a78c721b778c16", "lessThan": "f9f68bf1d0efeadb6c427c9dbb30f307a7def19b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/rockchip/rockchip_drm_vop2.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.10", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.1", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.15.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.16.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e1eef239399927b368f70a716044fb10085627c8"}, {"url": "https://git.kernel.org/stable/c/38682edbbad272b5f8c7bf55128b42cd10626f73"}, {"url": "https://git.kernel.org/stable/c/f9f68bf1d0efeadb6c427c9dbb30f307a7def19b"}], "title": "drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E079EAFD-DB0D-4171-A04F-254DAA719CB9", "versionEndExcluding": "6.15.10", "versionStartIncluding": "5.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "58182352-D7DF-4CC9-841E-03C1D852C3FB", "versionEndExcluding": "6.16.1", "versionStartIncluding": "6.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port\n\nEach window of a vop2 is usable by a specific set of video ports, so while\nbinding the vop2, we look through the list of available windows trying to\nfind one designated as primary-plane and usable by that specific port.\n\nThe code later wants to use drm_crtc_init_with_planes with that found\nprimary plane, but nothing has checked so far if a primary plane was\nactually found.\n\nFor whatever reason, the rk3576 vp2 does not have a usable primary window\n(if vp0 is also in use) which brought the issue to light and ended in a\nnull-pointer dereference further down.\n\nAs we expect a primary-plane to exist for a video-port, add a check at\nthe end of the window-iteration and fail probing if none was found."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/rockchip: vop2: falla correctamente si falta un plano principal para un puerto de v\u00eddeo. Cada ventana de un vop2 es utilizable por un conjunto espec\u00edfico de puertos de v\u00eddeo, por lo que al vincular el vop2, revisamos la lista de ventanas disponibles intentando encontrar una designada como plano principal y utilizable por ese puerto espec\u00edfico. Posteriormente, el c\u00f3digo quiere usar drm_crtc_init_with_planes con ese plano principal encontrado, pero hasta ahora no se ha comprobado si realmente se encontr\u00f3 un plano principal. Por alguna raz\u00f3n, el vp2 rk3576 no tiene una ventana principal utilizable (si vp0 tambi\u00e9n est\u00e1 en uso), lo que sac\u00f3 a la luz el problema y termin\u00f3 en una desreferencia de puntero nulo m\u00e1s adelante. Como esperamos que exista un plano principal para un puerto de v\u00eddeo, agregue una comprobaci\u00f3n al final de la iteraci\u00f3n de la ventana y falle el sondeo si no se encuentra ninguno."}], "id": "CVE-2025-38597", "lastModified": "2025-11-26T18:01:39.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-08-19T17:15:37.613", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/38682edbbad272b5f8c7bf55128b42cd10626f73"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e1eef239399927b368f70a716044fb10085627c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f9f68bf1d0efeadb6c427c9dbb30f307a7def19b"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port", "id": "2389493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389493"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-38597", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-08-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38597\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38597\nhttps://lore.kernel.org/linux-cve-announce/2025081919-CVE-2025-38597-82d6@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-08-21T12:31:51.891617+00:00", "updated": "2025-08-21T12:31:51.891682+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}