Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68468.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-68468
Upstream
Published
2025-10-15T08:15:34Z
Modified
2026-04-01T05:21:25.442280Z
Summary
CVE-2025-39967 affecting package kernel for versions less than 6.6.112.1-1
Details

In the Linux kernel, the following vulnerability has been resolved:

fbcon: fix integer overflow in fbcon_do_set_font

Fix integer overflow vulnerabilities in fbcon_do_set_font() where font size calculations could overflow when handling user-controlled font parameters.

The vulnerabilities occur when:

1. CALC_FONTSZ(h, pitch, charcount) performs h * pitch * charcount multiplication with user-controlled values that can overflow.
2. FONT_EXTRA_WORDS * sizeof(int) + size addition can also overflow.
3. This results in smaller allocations than expected, leading to buffer overflows during font data copying.

Add explicit overflow checking using check_mul_overflow() and check_add_overflow() kernel helpers to safely validate all size calculations before allocation.
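
An added userspace C illustration of the size arithmetic described above (not the kernel patch itself): the same font allocation size computed without and with overflow checks. The macro values, function names and inputs are constructed stand-ins, and the GCC/Clang `__builtin_*_overflow` intrinsics stand in for the kernel's check_mul_overflow() and check_add_overflow() helpers.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-ins for the kernel macros named in the advisory. */
#define FONT_EXTRA_WORDS 4
#define CALC_FONTSZ(h, p, c) ((h) * (p) * (c))

/* Unchecked form: 32-bit arithmetic silently wraps, so the result can be
 * far smaller than the amount of font data that will later be copied. */
uint32_t font_alloc_size_unchecked(uint32_t h, uint32_t pitch, uint32_t charcount)
{
    uint32_t size = CALC_FONTSZ(h, pitch, charcount);
    return (uint32_t)(FONT_EXTRA_WORDS * sizeof(int)) + size;
}

/* Checked form: every multiplication and the final addition must fit in
 * an int; returns 0 and fills *alloc_size, or -1 if any step overflows
 * (the caller rejects the request instead of allocating). */
int font_alloc_size_checked(uint32_t h, uint32_t pitch, uint32_t charcount,
                            int *alloc_size)
{
    int size;

    if (__builtin_mul_overflow(h, pitch, &size) ||
        __builtin_mul_overflow(size, charcount, &size))
        return -1;
    if (__builtin_add_overflow((int)(FONT_EXTRA_WORDS * sizeof(int)), size,
                               alloc_size))
        return -1;
    return 0;
}

int main(void)
{
    int alloc = 0;

    /* Constructed inputs: an ordinary font, then values chosen only to
     * make the 32-bit product wrap. */
    printf("normal:    unchecked=%u checked_rc=%d\n",
           font_alloc_size_unchecked(32, 4, 512),
           font_alloc_size_checked(32, 4, 512, &alloc));
    printf("wrapping:  unchecked=%u checked_rc=%d\n",
           font_alloc_size_unchecked(65536, 65536, 2),
           font_alloc_size_checked(65536, 65536, 2, &alloc));
    return 0;
}
```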

References

Affected packages

Azure Linux:3 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.6.112.1-1

Database specific

source
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68468.json"