VDB

CVE-2025-39906

CVE-2025-39906 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: remove oem i2c adapter on finish Fixes a bug where unbinding of the GPU would leave the oem i2c adapter registered resulting in a null pointer dereference when applications try to access the invalid device. (cherry picked from commit 89923fb7ead4fdd37b78dd49962d9bb5892403e6)

EPSS 0.02% · 5.7th percentile

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.02%
5.7th percentile

Affected Products

VendorProductVersions
LinuxLinux3d5470c973149f479572dcf4eea064775041ea6c, 3d5470c973149f479572dcf4eea064775041ea6c, 0
linuxlinux_kernel6.15, 6.15, 6.17

Timeline

  • Jan 21, 1970 Security Advisory
  • Oct 1, 2025 EPSS Score
  • Oct 1, 2025 CVE Published
  • Oct 4, 2025 Coalition ESS Score
  • Oct 6, 2025 Coalition ESS Score
  • Oct 8, 2025 EPSS Score
  • Oct 9, 2025 Coalition ESS Score
  • Oct 12, 2025 PoC Published
  • Oct 14, 2025 EPSS Score
  • Oct 21, 2025 EPSS Score
  • Oct 27, 2025 EPSS Score
  • Nov 3, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›