{"id":"CVE-2025-40360","summary":"drm/sysfb: Do not dereference NULL pointer in plane reset","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sysfb: Do not dereference NULL pointer in plane reset\n\nThe plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not\nderef that pointer, but forward NULL to the other plane-reset helpers.\nClears plane-\u003estate to NULL.\n\nv2:\n- fix typo in commit description (Javier)","modified":"2026-04-02T12:48:22.749899Z","published":"2025-12-16T13:39:59.490Z","related":["MGASA-2026-0017","MGASA-2026-0018","SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:20207-1","SUSE-SU-2026:20220-1","SUSE-SU-2026:20228-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20145-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40360.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/14e02ed3876f4ab0ed6d3f41972175f8b8df3d70"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6abeff03cb79a2c7f4554a8e8738acd35bb37152"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6bdef5648a60e49d4a3b02461ab7ae3776877e77"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b61ed8005bd3102510fab5015ac6a275c9c5ea16"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c4faf7f417eea8b8d5cc570a1015736f307aa2d5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c7d5e69866bbe95c1e4ab4c10a81e0a02d9ea232"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40360.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40360"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b715650220311e50448cb499c71084ca8aeeeece"},{"fixed":"6abeff03cb79a2c7f4554a8e8738acd35bb37152"},{"fixed":"c4faf7f417eea8b8d5cc570a1015736f307aa2d5"},{"fixed":"b61ed8005bd3102510fab5015ac6a275c9c5ea16"},{"fixed":"6bdef5648a60e49d4a3b02461ab7ae3776877e77"},{"fixed":"c7d5e69866bbe95c1e4ab4c10a81e0a02d9ea232"},{"fixed":"14e02ed3876f4ab0ed6d3f41972175f8b8df3d70"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40360.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.15.0"},{"fixed":"5.15.197"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.159"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.117"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.58"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40360.json"}}],"schema_version":"1.7.5"}