EUVD-2025-201623 | CVE-2025-40322
2025-12-08 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Lifecycle Timeline

Patch Released: Mar 16, 2026 - 15:00 (nvd), Patch available
EUVD ID Assigned: Mar 15, 2026 - 17:54 (euvd), EUVD-2025-201623
Analysis Generated: Mar 15, 2026 - 17:54 (vuln.today)
CVE Published: Dec 08, 2025 - 01:16 (nvd), N/A

Description

In the Linux kernel, the following vulnerability has been resolved:

fbdev: bitblit: bound-check glyph index in bit_putcs*

bit_putcs_aligned()/unaligned() derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the built-in font array. Clamp the index to the actual glyph count before computing the address.

This fixes a global out-of-bounds read reported by syzbot.

Technical Context

An out-of-bounds memory access occurs when code reads from or writes to memory locations outside the intended buffer boundaries.

Remediation

Implement proper bounds checking on all array and buffer accesses. Use memory-safe languages or static analysis tools to detect OOB issues.
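
The index clamp from the description, modelled in user-space C as an added example (not the kernel patch and not code from this page). The `demo_font` structure, the 128-glyph sample font and the fallback to glyph 0 are assumptions made for illustration; offsets are computed and checked, never dereferenced.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a console font; not the kernel's own structures. */
struct demo_font {
    const uint8_t *data;      /* glyph bitmaps stored back to back */
    unsigned int glyph_count; /* glyphs actually present in data */
    unsigned int width, height;
};

/* Constructed sample: 128 glyphs of 8x16 pixels = 2048 bytes. */
static const uint8_t demo_bits[128 * 16] = {0};
static const struct demo_font demo = { demo_bits, 128, 8, 16 };

static size_t cell_size(const struct demo_font *f) {
    return (size_t)((f->width + 7) / 8) * f->height;
}

/* Pre-fix pattern: the index is bounded only by the character mask. */
static size_t glyph_offset_masked(const struct demo_font *f, uint16_t ch, uint16_t mask) {
    return (size_t)(ch & mask) * cell_size(f);
}

/* Post-fix pattern: clamp to the real glyph count before computing the offset.
 * Falling back to glyph 0 is this example's assumption. */
static size_t glyph_offset_clamped(const struct demo_font *f, uint16_t ch, uint16_t mask) {
    unsigned int idx = ch & mask;
    if (idx >= f->glyph_count)
        idx = 0;
    return (size_t)idx * cell_size(f);
}

/* True when a whole glyph starting at off lies inside the font data. */
static int glyph_in_bounds(const struct demo_font *f, size_t off) {
    return off + cell_size(f) <= (size_t)f->glyph_count * cell_size(f);
}

int main(void) {
    size_t bad = glyph_offset_masked(&demo, 0xC8, 0xff);  /* index 200 of 128 */
    size_t ok = glyph_offset_clamped(&demo, 0xC8, 0xff);
    printf("masked:  offset %zu in bounds? %d\n", bad, glyph_in_bounds(&demo, bad));
    printf("clamped: offset %zu in bounds? %d\n", ok, glyph_in_bounds(&demo, ok));
    return 0;
}
```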

Priority Score

0
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0
