9 matches found
EUVD-2026-38936
In the Linux kernel, the following vulnerability has been resolved: drm/komeda: fix integer overflow in AFBC framebuffer size check The AFBC framebuffer size validation calculates the minimum required buffer size by adding the AFBC payload size to the framebuffer offset. This addition is performe...
CVE-2026-46211
CVE-2026-46211 affects the Linux kernel drm/msm/gem component. The flaw in msm_ioctl_gem_info_get_metadata() can cause a NULL pointer dereference due to unchecked allocation (kmemdup()) and always returning 0 on errors, making userspace believe success. The issue is fixed by adding a NULL check f...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intelgetcrtcnewencoder less oops-oriented. The purpose of the WARN message was to print something, not to simply report an “oops”. Currently, this exactly happens when we cannot find the Crtc connector in the atomi...
kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd
A flaw was found in the Linux kernel’s AMD Kernel Fusion Driver amdkfd within the drm subsystem. When either getnumsdmaqueues or getnumxgmisdmaqueues returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C an...
CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...
kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory
A vulnerability was found in the drm/vmwgfx driver in the Linux kernel, concerning the lifetime management of the buffer object BO cursor memory. This issue occurs due to improper handling of the cursor memory's lifecycle, which could lead to use-after-free errors or crashes...
The vulnerability of the xe_exec_queue_put function in the Linux operating system’s DRM kernel component, which allows a hacker to trigger a service failure
The vulnerability of the xeexecqueueput function in the Linux operating system’s DRM kernel component is related to the use of memory after deallocation. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability of the tegra_fb_create() function in the Tegra DRM kernel of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the tegrafbcreate function in the drivers/gpu/drm/tegra/fb.c file of the Tegra DRM driver for the Linux operating system is related to improper manipulation of the reference counter for resources. Exploiting this vulnerability could allow an attacker to cause a service failur...
PT-2025-53168
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the drm client target cloned function within the kernel's DRM client module. The dmt mode memory is allocated but not freed, potentially leading to resource...