CVE-2026-23236

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFXIOCTLREPORTDAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...

Linux Distros Unpatched Vulnerability : CVE-2023-53314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field t...

Linux Distros Unpatched Vulnerability : CVE-2025-21977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot v...

CVE-2022-50109 video: fbdev: amba-clcd: Fix refcount leak bugs

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and ofgraphgetremoteportparent which have increased the refcount. Besides, we...

CVE-2022-50109 video: fbdev: amba-clcd: Fix refcount leak bugs

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and ofgraphgetremoteportparent which have increased the refcount. Besides, we...

CVE-2022-50102 video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in arksetpixclock Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug in:...

CVE-2022-50010 video: fbdev: i740fb: Check the argument of i740_calc_vclk()

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper...

CVE-2022-49741 fbdev: smscufx: fix error handling code in ufx_usb_probe

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe have many unmatching issues, e.g., missing ufxfreeusblist, destroymodedb label should only include framebufferrelease,...

CVE-2022-49419

The CVE-2022-49419 issue affects the Linux kernel vesafb (video: fbdev) where use-after-free can occur if the fb_info is freed in the .remove path before or after .fb_destroy. The underlying cause is an ordering bug: the code previously freed fb_info in .remove, which could reference freed memory...

CVE-2021-47652

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufxusbprobe I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:fbdestroymodelist+0x38/0x100 ... Call Trace:...

SUSE CVE-2024-56746

In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fballocmem When information such as info-screenbase is not ready, calling sh7760fbfreemem does not release memory correctly. Call dmafreecoherent instead...

CVE-2024-26777 fbdev: sis: Error out if pixclock equals zero

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

GSD-2022-1005559 video: fbdev: arkfb: Check the size of screen before memset_io()

video: fbdev: arkfb: Check the size of screen before memsetio This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...

XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow

+----------------------------------------------------------------+ | XADV-2013003 Linux Kernel fbdev Driver arcfbwrite Overflow | +----------------------------------------------------------------+ Vulnerable versions: - linux kernel 3.12 = - linux kernel 2.6.x Testbed: linux kernel 2.6.18 Type:...

xorg-x11-server security and bug fix update

1.1.1-48.90.0.1.el5 - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file 1.1.1-48.90 - cve-2011-4028.patch: File existence disclosure vulnerability. 1.1.1-48.88 - cve-2011-4818.patch: Multiple input sanitization flaws in Render and GLX -...