Linux Kernel DisplayPort Alternate Mode Pin Assignment Negative Indexing Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's USB Type-C DisplayPort alternate mode driver. This issue arises from negative indexing in the pin_assignment_show function when no compatible pin assignments are found. The vulnerability has been addressed in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a use-after-free condition, which commonly results in memory corruption and can potentially allow arbitrary code execution.

Reproduction

The vulnerability can be reproduced by invoking the pin_assignment_show function in the DisplayPort alternate mode driver when no compatible pin assignments are available. In that case the function indexes the buffer array with a negative offset, which causes the use-after-free.
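
The following userspace C model is an added example, not the kernel driver's source or the upstream patch: it illustrates the negative-index pattern described above next to one way to guard it. The function names, the pin-name table and the canary harness are constructed for illustration; the canary byte sits directly before the buffer so the stray store is observable without leaving the array.

```c
#include <stdio.h>

/* Constructed pin-name table for this model (assumption, not driver source). */
static const char *const pin_names[] = { "A", "B", "C", "D", "E", "F" };

/* Append each set bit of mask as "X " (or "[X] " for cur); return length. */
static int format_assignments(char *buf, size_t size, unsigned mask, int cur)
{
    int len = 0;
    for (int i = 0; mask && i < 6; mask >>= 1, i++)
        if (mask & 1)
            len += snprintf(buf + len, size - len,
                            i == cur ? "[%s] " : "%s ", pin_names[i]);
    return len;
}

/* Unguarded: turns the trailing space into '\n'. With mask == 0 nothing was
 * written, len is 0, and the store lands at buf[-1]. */
static int show_unguarded(char *buf, size_t size, unsigned mask, int cur)
{
    int len = format_assignments(buf, size, mask, cur);
    buf[len - 1] = '\n';
    return len;
}

/* Guarded: an empty list is emitted as a lone newline at buf[0]. */
static int show_guarded(char *buf, size_t size, unsigned mask, int cur)
{
    int len = format_assignments(buf, size, mask, cur);
    if (len == 0)
        len = 1;
    buf[len - 1] = '\n';
    return len;
}

/* Canary byte sits directly before the buffer; returns 1 if overwritten. */
static int canary_clobbered(int (*show)(char *, size_t, unsigned, int), unsigned mask)
{
    char arena[1 + 64] = { 0x5a };   /* arena[0] = canary, rest zeroed */
    show(arena + 1, 64, mask, 3);
    return arena[0] != 0x5a;
}

int main(void)
{
    printf("mask=0: unguarded clobbers canary=%d, guarded=%d\n",
           canary_clobbered(show_unguarded, 0), canary_clobbered(show_guarded, 0));
    return 0;
}
```

In the kernel the byte before the sysfs buffer belongs to whatever object precedes it in memory, which is why the page describes the outcome as memory corruption rather than a harmless formatting bug.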

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree where this vulnerability has been fixed.

Added: Dec 30, 2025, 4:10 PM
Updated: Dec 30, 2025, 4:10 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 1.9
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.