Null Pointer Dereference Vulnerability in Linux Kernel's Framebuffer Driver
CVE-2025-38630

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38630?

A vulnerability in the Linux kernel's framebuffer driver may lead to a null pointer dereference issue. The function fb_add_videomode() can return -ENOMEM if memory allocation fails, which can result in an empty modelist while allowing the driver to continue its registration process. This flaw necessitates a check for the return value of fb_add_videomode() to prevent potential null pointer dereference, mirroring corrections made in previous commits to enhance the driver's stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c < 69373502c2b5d364842c702c941d1171e4f35a7c

Linux 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Linux 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

References

https://git.kernel.org/stable/c/69373502c2b5d364842c702c9...
https://git.kernel.org/stable/c/f00c29e6755ead56baf2a9c1d...
https://git.kernel.org/stable/c/cca8f5a3991916729b39d797d...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.