๐Ÿ” CVE Alert

CVE-2025-40304

UNKNOWN 0.0

fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip image height to screen boundary. Break from the rendering loop if the X position is off-screen. When clipping image width to fit the screen, update the character count to match the clipped width to prevent buffer size mismatches. Without the character count update, bit_putcs_aligned and bit_putcs_unaligned receive mismatched parameters where the buffer is allocated for the clipped width but cnt reflects the original larger count, causing out-of-bounds writes.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Dec 8, 2025
Last Updated May 11, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 996bfaa7372d6718b6d860bdf78f6618e850c702 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < f0982400648a3e00580253e0c48e991f34d2684c 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1943b69e87b0ab35032d47de0a7fca9a3d1d6fc1 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ebc0730b490c7f27340b1222e01dd106e820320d 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 86df8ade88d290725554cefd03101ecd0fbd3752 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 15ba9acafb0517f8359ca30002c189a68ddbb939 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2d1359e11674ed4274934eac8a71877ae5ae7bbb 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3637d34b35b287ab830e66048841ace404382b67
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/996bfaa7372d6718b6d860bdf78f6618e850c702 git.kernel.org: https://git.kernel.org/stable/c/f0982400648a3e00580253e0c48e991f34d2684c git.kernel.org: https://git.kernel.org/stable/c/1943b69e87b0ab35032d47de0a7fca9a3d1d6fc1 git.kernel.org: https://git.kernel.org/stable/c/ebc0730b490c7f27340b1222e01dd106e820320d git.kernel.org: https://git.kernel.org/stable/c/86df8ade88d290725554cefd03101ecd0fbd3752 git.kernel.org: https://git.kernel.org/stable/c/15ba9acafb0517f8359ca30002c189a68ddbb939 git.kernel.org: https://git.kernel.org/stable/c/2d1359e11674ed4274934eac8a71877ae5ae7bbb git.kernel.org: https://git.kernel.org/stable/c/3637d34b35b287ab830e66048841ace404382b67