141 matches found
CVE-2026-43202
CVE-2026-43202 affects the Linux kernel fbdev vt8500lcdfb driver. The root cause is a memory leak: fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not freed on error paths due to missing dma_free_coherent() cleanup. This can exhaust system memory and cause DoS. Multiple OSV...
CVE-2026-43202 fbdev: vt8500lcdfb: fix missing dma_free_coherent()
In the Linux kernel, the following vulnerability has been resolved: fbdev: vt8500lcdfb: fix missing dmafreecoherent fbi-fb.screenbuffer is allocated with dmaalloccoherent but is not freed if the error path is reached...
PT-2026-37542
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the fbdev component, specifically within the vt8500lcdfb driver, the fbi-fb.screen buffer is allocated using the dma alloc coherent function but is not properly released via dma free...
fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO
...
fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO
...
DEBIAN-CVE-2026-31605
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUTVSCREENINFO Much like commit 19f953e74356 "fbdev: fbpm2fb: Avoid potential divide by zero error", we also need to prevent that same crash from happening in the udlfb driver as it uses...
EUVD-2026-25511
In the Linux kernel, the following vulnerability has been resolved: fbdev: tdfxfb: avoid divide-by-zero on FBIOPUTVSCREENINFO Much like commit 19f953e74356 "fbdev: fbpm2fb: Avoid potential divide by zero error", we also need to prevent that same crash from happening in the udlfb driver as it uses...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011224)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011224 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct...
CVE-2026-23266
In the Linux kernel, the following vulnerability has been resolved: fbdev: rivafb: fix divide error in nv3arb A userspace program can trigger the RIVA NV3 arbitration code by calling the FBIOPUTVSCREENINFO ioctl on /dev/fb. When doing so, the driver recomputes FIFO arbitration parameters in nv3ar...
CLSA-2026-1773832495 Fix of 114 CVEs
CVE-2023-53515 - virtio-mmio: don't break lifecycle of vmdev CVE-2023-53515 CVE-2025-39967 - fbcon: fix integer overflow in fbcondosetfont CVE-2025-39967 - fbcon: Fix OOB access in font allocation CVE-2025-39967 CVE-2025-38702 - fbdev: fix potential buffer overflow in doregisterframebuffer...
fbdev: smscufx: properly copy ioctl memory to kernelspace
...
CVE-2026-23236
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFXIOCTLREPORTDAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...
CVE-2026-23236
Technical details about CVE-2026-23236 are not publicly provided in the supplied documents; advisories reference kernel fixes but do not specify affected components, versions, or impact. Monitor for updates.
CVE-2026-23236
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFXIOCTLREPORTDAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...
PT-2026-22922
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The UFX IOCTL REPORT DAMAGE ioctl does not correctly copy data from user space to kernel space. Instead, it directly references the memory, which can lead to issues if invalid data is...
kernel security update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service.
A flaw was found in the Linux kernel, specifically within the framebuffer device fbdev subsystem. This vulnerability, an out-of-bounds write, occurs because the bitputcs function does not properly check boundaries when displaying text near the edges of the screen. A local user with low privileges...
AlmaLinux 8 : kernel-rt (ALSA-2026:2821)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2821 advisory. kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in...
kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service.
A flaw was found in the Linux kernel, specifically within the framebuffer device fbdev subsystem. This vulnerability, an out-of-bounds write, occurs because the bitputcs function does not properly check boundaries when displaying text near the edges of the screen. A local user with low privileges...
kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service.
A flaw was found in the Linux kernel, specifically within the framebuffer device fbdev subsystem. This vulnerability, an out-of-bounds write, occurs because the bitputcs function does not properly check boundaries when displaying text near the edges of the screen. A local user with low privileges...