UBUNTU-CVE-2025-21780

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•linux

  all | all | < 5.4.0-227.247 | < 5.15.0-171.181 | < 6.8.0-78.78

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  all | all | < 5.4.0-1156.166 | < 5.15.0-1101.108 | < 6.8.0-1035.37

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.15

  all | < 5.15.0-1101.108~20.04.1

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.4

  all | < 5.4.0-1156.166~18.04.1

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  all

• ubuntu•linux-aws-6.5

  all

• ubuntu•linux-aws-6.8

  < 6.8.0-1035.37~22.04.1

• ubuntu•linux-aws-fips

  < 5.4.0-1155.165+fips1 | all | < 5.15.0-1101.108+fips1

• ubuntu•linux-azure

  all | all | all | < 5.4.0-1160.166 | < 5.15.0-1109.118 | < 6.8.0-1034.39

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.15

  all | < 5.15.0-1110.119~20.04.1

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.4

  all | < 5.4.0-1161.167~18.04.1

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.11

  < 6.11.0-1015.15~24.04.1

• ubuntu•linux-azure-6.2

  all

• ubuntu•linux-azure-6.5

  all

• ubuntu•linux-azure-6.8

  < 6.8.0-1034.39~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all | all

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fde-6.2

  all

• ubuntu•linux-azure-fips

  < 5.4.0-1160.166+fips1 | all | < 5.15.0-1109.118+fips1

• ubuntu•linux-azure-nvidia

  < 6.8.0-1022.23

• ubuntu•linux-bluefield

  all | all | < 5.4.0-1116.123 | < 5.15.0-1085.87 | all

• ubuntu•linux-fips

  < 5.4.0-1130.140 | all | < 5.15.0-171.181+fips1 | < 6.8.0-78.78+fips1

• ubuntu•linux-gcp

  all | all | all | < 5.4.0-1159.168 | < 5.15.0-1101.110 | < 6.8.0-1036.38

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.15

  all | < 5.15.0-1101.110~20.04.1

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.4

  all | < 5.4.0-1159.168~18.04.1

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.11

  < 6.11.0-1015.15~24.04.1

• ubuntu•linux-gcp-6.2

  all

• ubuntu•linux-gcp-6.5

  all

• ubuntu•linux-gcp-6.8

  < 6.8.0-1036.38~22.04.1

• ubuntu•linux-gcp-fips

  < 5.4.0-1159.168+fips1 | all | < 5.15.0-1101.110+fips1

• ubuntu•linux-gke

  all | all | < 5.15.0-1097.103 | < 6.8.0-1032.36

• ubuntu•linux-gke-4.15

  all

Showing first 50 affected entries in server-rendered view.

References (41)

• https://ubuntu.com/security/CVE-2025-21780
• https://www.cve.org/CVERecord?id=CVE-2025-21780
• https://git.kernel.org/linus/1abb2648698bf10783d2236a6b4a7ca5e8021699
• https://git.kernel.org/stable/c/1abb2648698bf10783d2236a6b4a7ca5e8021699
• https://git.kernel.org/stable/c/231075c5a8ea54f34b7c4794687baa980814e6de
• https://git.kernel.org/stable/c/2498d2db1d35e88a2060ea191ae75dce853dd084
• https://git.kernel.org/stable/c/3484ea33157bc7334f57e64826ec5a4bf992151a
• https://git.kernel.org/stable/c/e43a8b9c4d700ffec819c5043a48769b3e7d9cab
• https://ubuntu.com/security/notices/USN-7521-1
• https://ubuntu.com/security/notices/USN-7521-2
• https://ubuntu.com/security/notices/USN-7521-3
• https://ubuntu.com/security/notices/USN-7703-1
• https://ubuntu.com/security/notices/USN-7703-2
• https://ubuntu.com/security/notices/USN-7703-3
• https://ubuntu.com/security/notices/USN-7719-1
• https://ubuntu.com/security/notices/USN-7703-4
• https://ubuntu.com/security/notices/USN-7737-1
• https://ubuntu.com/security/notices/USN-8060-1
• https://ubuntu.com/security/notices/USN-8060-2
• https://ubuntu.com/security/notices/USN-8060-3
• https://ubuntu.com/security/notices/USN-8060-4
• https://ubuntu.com/security/notices/USN-8060-5
• https://ubuntu.com/security/notices/USN-8060-6
• https://ubuntu.com/security/notices/USN-8060-7
• https://ubuntu.com/security/notices/USN-8098-1
• https://ubuntu.com/security/notices/USN-8098-2
• https://ubuntu.com/security/notices/USN-8098-3
• https://ubuntu.com/security/notices/USN-8107-1
• https://ubuntu.com/security/notices/USN-8098-4
• https://ubuntu.com/security/notices/USN-8098-5
• https://ubuntu.com/security/notices/USN-8098-6
• https://ubuntu.com/security/notices/USN-8098-7
• https://ubuntu.com/security/notices/USN-8098-8
• https://ubuntu.com/security/notices/USN-8098-9
• https://ubuntu.com/security/notices/USN-8141-1
• https://ubuntu.com/security/notices/USN-8163-1
• https://ubuntu.com/security/notices/USN-8163-2
• https://ubuntu.com/security/notices/USN-8098-10
• https://ubuntu.com/security/notices/USN-8201-1
• https://ubuntu.com/security/notices/USN-8224-1
• https://ubuntu.com/security/notices/USN-8243-1