Linux Kernel EDID Processing Vulnerability in AMD Display Driver

Vulnerability

A vulnerability in the Linux kernel's AMD display driver related to the handling of Extended Display Identification Data (EDID) has been addressed. The issue arose because the function 'drm_edid_raw()' could return NULL, leading to a system crash, or provide excessively long data that could cause memory corruption. This problem was particularly noted when a faulty adapter was used. To mitigate these risks, additional sanity checks have been implemented in 'drm_edid_raw()' to ensure proper EDID bytes are returned, with inappropriate inputs flagged as 'EDID_BAD_INPUT'.

Impact

The vulnerability could lead to a system crash or memory corruption, depending on how the improper EDID data was handled.

Added: Jul 9, 2025, 11:36 AM

Updated: Jul 9, 2025, 11:36 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel EDID Processing Vulnerability in AMD Display Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating