141 matches found
CVE-2025-38630
CVE-2025-38630 involves the Linux kernel fbdev imxfb driver. The issue arises when fb_add_videomode() returns -ENOMEM from internal kmalloc(), leaving the modelist empty but the driver still registers, risking a null pointer dereference. The patch adds a check on the return value to prevent this,...
CVE-2025-38630 fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fbaddvideomode to prevent null-ptr-deref fbaddvideomode can fail with -ENOMEM when its internal kmalloc cannot allocate a struct fbmodelist. If that happens, the modelist stays empty but the driver continues t...
Linux Distros Unpatched Vulnerability : CVE-2022-49978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: fbpm2fb: Avoid potential divide by zero error In dofbioctl of fbmem.c, if cmd is FBIOPUTVSCREENINFO, var will be copied from user, then go through fbsetv...
Linux Distros Unpatched Vulnerability : CVE-2013-2596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and othe...
fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
...
fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
...
The vulnerability of the fb_cvt_hperiod() function in the fbdev component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the fbcvthperiod function in the fbdev component of the Linux operating system is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause a service failure...
fbdev: omapfb: Add 'plane' value check
...
AZL-72772 CVE-2025-38215 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...
UBUNTU-CVE-2025-38215
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...
SUSE CVE-2022-49978
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbpm2fb: Avoid potential divide by zero error In dofbioctl of fbmem.c, if cmd is FBIOPUTVSCREENINFO, var will be copied from user, then go through fbsetvar and info-fbops-fbcheckvar which could may be pm2fbcheckvar. Along...
SUSE CVE-2022-50099
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memsetio In the function arkfbsetpar, the value of 'screensize' is calculated by the user input. If the user provides the improper value, the value of 'screensize' may larger...
SUSE CVE-2022-50109
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and ofgraphgetremoteportparent which have increased the refcount. Besides, we...
UBUNTU-CVE-2022-49978
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbpm2fb: Avoid potential divide by zero error In dofbioctl of fbmem.c, if cmd is FBIOPUTVSCREENINFO, var will be copied from user, then go through fbsetvar and info-fbops-fbcheckvar which could may be pm2fbcheckvar. Along...
UBUNTU-CVE-2022-50097
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the value of 'screensize' is calculated by the user input. If the user provides the improper value, the value of 'screensize' may larger tha...
SUSE CVE-2022-49741
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe have many unmatching issues, e.g., missing ufxfreeusblist, destroymodedb label should only include framebufferrelease,...
CVE-2022-49741 fbdev: smscufx: fix error handling code in ufx_usb_probe
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe have many unmatching issues, e.g., missing ufxfreeusblist, destroymodedb label should only include framebufferrelease,...
DEBIAN-CVE-2024-58091
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...
PT-2025-14357
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the removal of a Hyper-V framebuffer device. When the device is unbound, the hyperv fb driver attempts to release the...
DEBIAN-CVE-2021-47652
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufxusbprobe I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:fbdestroymodelist+0x38/0x100 ... Call Trace:...