CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/04/22 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013732)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013732 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcondosetfont failed syzbot is reporting memory leak at...

5.5CVSS5.8AI score0.00023EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011312 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcondosetfont failed syzbot is reporting memory leak at...

5.5CVSS6AI score0.00023EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011224)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011224 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct...

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010939 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically...

5.7AI score0.0004EPSS

Tenable Nessus•added 2026/04/17 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007427)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007427 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: fbpm2fb: Avoid potential divide by zero error In dofbioctl of fbmem.c, if cmd is...

5.5CVSS6AI score0.00051EPSS

Tenable Nessus•added 2026/04/17 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007324)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007324 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fbaddvideomode to prevent null-ptr-deref fbaddvideomode can fail with -ENOMEM...

5.5CVSS5.9AI score0.00025EPSS

F5 Networks•added 2026/04/09 2:34 a.m.•8 views

K000160685: Linux kernel vulnerability CVE-2025-40322

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count a...

6.1AI score0.00084EPSS

Exploits0

Redos•added 2026/04/03 12:0 a.m.•5 views

ROS-20260403-73-0026

A vulnerability in the fbdev component of the Linux operating system kernel is related to writing outside of buffer boundaries. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

7.8CVSS6.7AI score0.00024EPSS

Exploits0

Tenable Nessus•added 2026/03/23 12:0 a.m.•3 views

Siemens SIMATIC S7-1500 Divide By Zero (CVE-2025-38312)

In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fbcvthperiod In fbfindmodecvt, iff mode-refresh somehow happens to be 0x80000000, cvt.frefresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fbcvthperiod,...

5.5CVSS6.3AI score0.00078EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•0 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference(CVE-2025-38214)

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, later it may lead to a null-ptr dereference in fbvideomodetovar, as the fbinfo is registere...

5.5CVSS6AI score0.00078EPSS

Tenable Nessus•added 2026/03/20 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: rivafb: fix divide error in nv3arb A userspace program can trigger the RIVA NV3 arbitration code by calling the FBIOPUTVSCREENINFO ioctl on /dev/fb. When...

EUVD•added 2026/03/18 6:31 p.m.•2 views

EUVD-2026-12907

In the Linux kernel, the following vulnerability has been resolved: fbdev: rivafb: fix divide error in nv3arb A userspace program can trigger the RIVA NV3 arbitration code by calling the FBIOPUTVSCREENINFO ioctl on /dev/fb. When doing so, the driver recomputes FIFO arbitration parameters in nv3ar...

5.8AI score0.00021EPSS

Exploits0References9

OSV•added 2026/03/18 5:44 p.m.•2 views

CVE-2026-23266 fbdev: rivafb: fix divide error in nv3_arb()

CVE•added 2026/03/18 5:44 p.m.•16 views

Exploits0References11

CVE-2026-23266

CVE-2026-23266 : In the Linux kernel fbdev rivafb driver, nv3_arb() can divide by state->mclk_khz (derived from PRAMDAC MCLK PLL) if an attacker exposes a zero value, causing a divide error and kernel crash. The fix adds a zero-check for state->mclk_khz before division. Affected: fbdev/riva...