CVE-2025-22093
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's AMD display driver allows local attackers to cause a kernel panic (denial of service) when using AMD graphics hardware that doesn't support DMUB (Display Microcontroller Unit B). This affects Linux systems with AMD graphics drivers.
💻 Affected Systems
- Linux kernel with AMD display driver (drm/amd/display)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to kernel panic, causing system crash and denial of service. In rare cases, could potentially lead to arbitrary code execution in kernel context.
Likely Case
Local denial of service through kernel panic when specific display operations are performed on affected AMD hardware.
If Mitigated
No impact if patched or if system doesn't use affected AMD graphics hardware.
🎯 Exploit Status
Exploitation requires local access and ability to perform display operations. The crash dump shows it was triggered by DrmThread during cursor operations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 3453bcaf2ca9, 35ad39afd007, 42d9d7bed270, 5e4b1e04740c, b3a93a2407ad
Vendor Advisory: https://git.kernel.org/stable/c/3453bcaf2ca92659346bf8504c2b52b3993fbd79
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check with your distribution for security updates. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable affected AMD graphics hardware
linuxBlacklist or disable the AMD display driver if not needed
echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
🧯 If You Can't Patch
- Restrict local user access to systems with vulnerable AMD hardware
- Monitor for kernel panic events and investigate any crashes related to display operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if using AMD graphics: 'uname -r' and 'lspci | grep -i amd'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated beyond vulnerable commits: 'uname -r' and check kernel changelog for fix commits📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages with 'NULL pointer dereference' in dmub_hw_lock_mgr_cmd
- System crashes during display/cursor operations
- dmesg showing AMD display driver crashes
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "dmub_hw_lock_mgr_cmd" OR "BUG: kernel")🔗 References
- https://git.kernel.org/stable/c/3453bcaf2ca92659346bf8504c2b52b3993fbd79
- https://git.kernel.org/stable/c/35ad39afd007eddf34b3307bebb715c26891cc96
- https://git.kernel.org/stable/c/42d9d7bed270247f134190ba0cb05bbd072f58c2
- https://git.kernel.org/stable/c/5e4b1e04740cdb28de189285007366d99a92f1ce
- https://git.kernel.org/stable/c/b3a93a2407ad23c8d5bacabaf7cecbb4c6cdd461
- https://git.kernel.org/stable/c/d953e2cd59ab466569c6f9da460e01caf1c83559
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
