CVE-2025-38391

{"id": "CVE-2025-38391", "cveTags": [], "metrics": {}, "published": "2025-07-25T13:15:28.487", "references": [{"url": "https://git.kernel.org/stable/c/114a977e0f6bf278e05eade055e13fc271f69cf7", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/2f535517b5611b7221ed478527e4b58e29536ddf", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/45e9444b3b97eaf51a5024f1fea92f44f39b50c6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/47cb5d26f61d80c805d7de4106451153779297a1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5581e694d3a1c2f32c5a51d745c55b107644e1f8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/621d5a3ef0231ab242f2d31eecec40c38ca609c5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/af4db5a35a4ef7a68046883bfd12468007db38f1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c93bc959788ed9a1af7df57cb539837bdf790cee", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: do not index invalid pin_assignments\n\nA poorly implemented DisplayPort Alt Mode port partner can indicate\nthat its pin assignment capabilities are greater than the maximum\nvalue, DP_PIN_ASSIGN_F. In this case, calls to pin_assignment_show\nwill cause a BRK exception due to an out of bounds array access.\n\nPrevent for loop in pin_assignment_show from accessing\ninvalid values in pin_assignments by adding DP_PIN_ASSIGN_MAX\nvalue in typec_dp.h and using i < DP_PIN_ASSIGN_MAX as a loop\ncondition."}], "lastModified": "2025-07-25T15:29:19.837", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}