Null Pointer Dereference in Linux Kernel's fbdev Leading to System Instability
CVE-2025-38215

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 July 2025

What is CVE-2025-38215?

A vulnerability in the Linux kernel's framebuffer device (fbdev) module can lead to a null pointer dereference if memory allocation for fb_videomode fails during the framebuffer registration process. This error occurs when fb_add_videomode() fails to allocate necessary resources, causing subsequent code attempts to access uninitialized memory. The issue can result in a general protection fault, leading to system instability and potential crashes. Developers are advised to implement the latest fixes to prevent such vulnerabilities from being exploited.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 908c5bb64f9c4319902b8ca1aa3fef8f83302520

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0909b2b49c4546a7a08c80f53d93736b63270827

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3f2098f4fba7718eb2501207ca6e99d22427f25a

References

https://git.kernel.org/stable/c/908c5bb64f9c4319902b8ca1a...
https://git.kernel.org/stable/c/0909b2b49c4546a7a08c80f53...
https://git.kernel.org/stable/c/3f2098f4fba7718eb2501207c...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.