Acknowledged
Created: Jul 28, 2025
Updated: Jul 29, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]usb: typec: altmodes/displayport: do not index invalid pin_assignments[EOL][EOL]A poorly implemented DisplayPort Alt Mode port partner can indicate[EOL]that its pin assignment capabilities are greater than the maximum[EOL]value, DP_PIN_ASSIGN_F. In this case, calls to pin_assignment_show[EOL]will cause a BRK exception due to an out of bounds array access.[EOL][EOL]Prevent for loop in pin_assignment_show from accessing[EOL]invalid values in pin_assignments by adding DP_PIN_ASSIGN_MAX[EOL]value in typec_dp.h and using i < DP_PIN_ASSIGN_MAX as a loop[EOL]condition.
CREATE(Triage):(User=admin) [CVE-2025-38391 (https://nvd.nist.gov/vuln/detail/CVE-2025-38391)
