533 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-50010
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments tha...
Linux Distros Unpatched Vulnerability : CVE-2024-26777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the...
Linux Distros Unpatched Vulnerability : CVE-2023-52838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug ...
Linux Distros Unpatched Vulnerability : CVE-2022-50109
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and...
Linux Distros Unpatched Vulnerability : CVE-2025-37851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: omapfb: Add 'plane' value check Function dispcovlsetup is not intended to work with the value OMAPDSSWB of the enum parameter plane. The value of this...
Linux Distros Unpatched Vulnerability : CVE-2024-39475
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefbcheckvar failed The commit 04e5eac8f3abfbdev:...
Linux Distros Unpatched Vulnerability : CVE-2022-49741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: smscufx: fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe have many unmatching issues, e.g., missing ufxfreeusblist,...
Linux Distros Unpatched Vulnerability : CVE-2025-21977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot v...
Linux Distros Unpatched Vulnerability : CVE-2024-26778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check...
Linux Distros Unpatched Vulnerability : CVE-2025-38312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when...
PT-2025-35958
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the fbdev subsystem related to an out-of-bounds write in the fast imageblit function. This issue occurs when a user-space program performs an ioctl...
SUSE CVE-2025-38312
In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fbcvthperiod,...
DEBIAN-CVE-2025-38312
In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fbcvthperiod,...
AZL-64979 CVE-2025-38312 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fbcvthperiod,...
CVE-2025-38312
CVE-2025-38312 concerns the Linux kernel fbdev path: fbcvt. In fb_find_mode_cvt(), if mode->refresh equals 0x80000000, cvt.f_refresh overflows when doubled, and is subsequently used as a divider in fb_cvt_hperiod(), causing a division by zero and potential kernel oops. The vulnerability is res...
CVE-2025-38312 fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fbcvthperiod,...
SUSE CVE-2025-38215
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...
SUSE CVE-2025-38214
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, later it may lead to a null-ptr dereference in fbvideomodetovar, as the fbinfo is registere...
CVE-2025-38214
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, later it may lead to a null-ptr dereference in fbvideomodetovar, as the fbinfo is registere...
DEBIAN-CVE-2025-38215
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...