CVE-2025-38630

In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fbaddvideomode to prevent null-ptr-deref fbaddvideomode can fail with -ENOMEM when its internal kmalloc cannot allocate a struct fbmodelist. If that happens, the modelist stays empty but the driver continues t...

SUSE CVE-2025-38612

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

AZL-66497 CVE-2025-38612 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var

...

CVE-2025-38449 drm/gem: Acquire references on GEM handles for framebuffers

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...

USN-7654-3 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

PT-2025-49451

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the framebuffer console fbcon component. The issue arises because when a framebuffer is unregistered, the memory associated with i...

CVE-2025-38215

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...

DEBIAN-CVE-2025-38215

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...

PT-2025-33810

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was resolved in the fbtft framebuffer alloc function within the staging area of the Linux kernel. Specifically, memory allocated for info-pagerefs in fb deferred io init...

SUSE CVE-2022-50130

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: core: set smemlen before fbdeferredioinit call The fbtftframebufferalloc calls fbdeferredioinit before initializing info-fix.smemlen. It is set to zero by the framebufferalloc function. It will trigger a WARNON at...

DEBIAN-CVE-2022-50130

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: core: set smemlen before fbdeferredioinit call The fbtftframebufferalloc calls fbdeferredioinit before initializing info-fix.smemlen. It is set to zero by the framebufferalloc function. It will trigger a WARNON at...

SUSE CVE-2025-21976

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hypervfb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the following WARN and henc...

CVE-2025-21976

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hypervfb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the following WARN and henc...

SUSE CVE-2022-49070

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix unregistering of framebuffers without device OF framebuffers do not have an underlying device in the Linux device hierarchy. Do a regular unregister call instead of hot unplugging such a non-existing device. Fixes a NU...

DEBIAN-CVE-2021-47641

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: cirrusfb: check pixclock to avoid divide by zero Do a sanity check on pixclock value to avoid divide by zero. If the pixclock value is zero, the cirrusfb driver will round up pixclock to get the derived frequency as...

CVE-2022-49070 fbdev: Fix unregistering of framebuffers without device

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix unregistering of framebuffers without device OF framebuffers do not have an underlying device in the Linux device hierarchy. Do a regular unregister call instead of hot unplugging such a non-existing device. Fixes a NU...

PT-2025-9012

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.7-770 2 Description A vulnerability in the Linux kernel has been identified, which can cause the system to crash when using touchscreen and framebuffer on certain devices, such as the Nokia 770. The issue is...

PT-2025-30863

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to GEM Graphics Execution Manager handles and framebuffers. A GEM handle can be released while still attached to a DRM Direct Rendering...

kernel: drm/i915/dpt: Make DPT object unshrinkable

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...