CVE-2025-21780
Published: 27 February 2025
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().
Security Summary
CVE-2025-21780 is a buffer overflow vulnerability in the Linux kernel's drm/amdgpu subsystem, specifically within the smu_sys_set_pp_table() function. The issue arises when a malicious user supplies a small power play table (pptable) through sysfs, followed by a larger pptable, triggering a buffer overflow. It has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-120 (Buffer Copy without Checking Size of Input).
A local attacker with low privileges can exploit this vulnerability by interacting with the sysfs interface to deliver the crafted pptables. Successful exploitation leads to a buffer overflow, potentially allowing arbitrary code execution, data corruption, or system denial of service with high impacts on confidentiality, integrity, and availability.
Mitigation is provided through kernel patches available in stable releases, as documented in the following commit references: https://git.kernel.org/stable/c/1abb2648698bf10783d2236a6b4a7ca5e8021699, https://git.kernel.org/stable/c/231075c5a8ea54f34b7c4794687baa980814e6de, https://git.kernel.org/stable/c/2498d2db1d35e88a2060ea191ae75dce853dd084, https://git.kernel.org/stable/c/3484ea33157bc7334f57e64826ec5a4bf992151a, and https://git.kernel.org/stable/c/e43a8b9c4d700ffec819c5043a48769b3e7d9cab. These commits resolve the buffer overflow by improving handling in smu_sys_set_pp_table(). Security practitioners should update affected Linux kernels with these fixes.
Details
- CWE(s)