CVE-2025-38630
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38630
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38630.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38630
- Downstream
- Related
- Published
- 2025-08-22T16:15:36Z
- Modified
- 2025-09-06T13:01:27Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fbdev: imxfb: Check fbaddvideomode to prevent null-ptr-deref
fbaddvideomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fbmodelist. If that happens, the modelist stays empty but the driver continues to register. Add a check for its return value to prevent poteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 ("fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar").
- References
-
- https://git.kernel.org/stable/c/40f0a51f6c54d46a94b9f1180339ede7ca7ee190
- https://git.kernel.org/stable/c/49377bac9e3bec1635065a033c9679214fe7593e
- https://git.kernel.org/stable/c/4b5d36cc3014986e6fac12eaa8433fe56801d4ce
- https://git.kernel.org/stable/c/69373502c2b5d364842c702c941d1171e4f35a7c
- https://git.kernel.org/stable/c/ac16154cccda8be10ee3ae188f10a06f3890bc5d
- https://git.kernel.org/stable/c/cca8f5a3991916729b39d797d01499c335137319
- https://git.kernel.org/stable/c/da11e6a30e0bb8e911288bdc443b3dc8f6a7cac7
- https://git.kernel.org/stable/c/f00c29e6755ead56baf2a9c1d3c4c0bb40af3612
- https://git.kernel.org/stable/c/f060441c153495750804133555cf0a211a856892