CVE-2025-21987

MEDIUM EPSS 5.8%
Published Apr 2, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 2, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: init return value in amdgpu_ttm_clear_buffer Otherwise an uninitialized value can be returned if amdgpu_res_cleared returns true for all regions. Possibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812 (cherry picked from commit 7c62aacc3b452f73a1284198c81551035fac6d71)

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-908

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥6.10  –  <6.12.18
linuxlinux_kernel*≥6.13  –  <6.13.6
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any
linuxlinux_kernel6.14any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/5bd98c2df4a0f2e2dcbdf563feb8d348406377b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d2c9625b0ade41f9917875d88173a0cc802b95fc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3c7059b6a8600fc62cd863f1ea203b8675e63e1
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/5bd98c2df4a0f2e2dcbdf563feb8d348406377b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d2c9625b0ade41f9917875d88173a0cc802b95fc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3c7059b6a8600fc62cd863f1ea203b8675e63e1
    Patch