Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

CVE-2025-21780 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2025-21780

CVE-2025-21780

HIGH7.8

drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()

Published Feb 27, 2025

Modified 4 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()

It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().

References

WEB

https://git.kernel.org/stable/c/1abb2648698bf10783d2236a6b4a7ca5e8021699

WEB

https://git.kernel.org/stable/c/231075c5a8ea54f34b7c4794687baa980814e6de

WEB

https://git.kernel.org/stable/c/2498d2db1d35e88a2060ea191ae75dce853dd084

WEB

https://git.kernel.org/stable/c/3484ea33157bc7334f57e64826ec5a4bf992151a

WEB

https://git.kernel.org/stable/c/e43a8b9c4d700ffec819c5043a48769b3e7d9cab

WEB

https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2025-21780

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedFeb 27, 2025

ModifiedNov 3, 2025