Buffer Overflow Vulnerability in Linux Kernel's Framebuffer Management
CVE-2025-38702

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 4 September 2025

What is CVE-2025-38702?

A potential buffer overflow vulnerability has been identified in the Linux kernel's framebuffer management. The issue arises when unregistration leaves NULL gaps in the registered framebuffer array, which allows the registration process to exceed the array's defined bounds. This flaw could result in memory access violations and system instability. Implementing boundary checks is crucial to prevent unauthorized access and mitigate the risks associated with this vulnerability.
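
The pattern described above, as an added example that is not the kernel's code and not taken from this page: a fixed slot array in which NULL marks a gap, guarded once by a separately tracked count and once with a boundary check on the index the scan produces. SLOT_MAX, struct registry and every function name are hypothetical, and the state in which the count disagrees with the array is constructed by hand.

```c
#include <stddef.h>
#include <stdio.h>
#define SLOT_MAX 4                 /* constructed bound, stands in for the array size */

struct registry {                  /* hypothetical model, not the kernel's structure */
    void *slots[SLOT_MAX];         /* NULL marks a free slot (a gap) */
    int count;                     /* separately tracked number of registrations */
};

/* First free index, or SLOT_MAX when every slot is occupied. */
static int first_gap(const struct registry *r) {
    int i;
    for (i = 0; i < SLOT_MAX; i++)
        if (r->slots[i] == NULL)
            break;
    return i;
}

/* Count-only guard: returns the index a caller would write to, unchecked. */
int pick_slot_count_only(const struct registry *r) {
    return r->count == SLOT_MAX ? -1 : first_gap(r);   /* may return SLOT_MAX */
}

/* Count guard plus a boundary check on the index the scan produced. */
int pick_slot_checked(const struct registry *r) {
    int i = first_gap(r);
    return (r->count >= SLOT_MAX || i >= SLOT_MAX) ? -1 : i;
}

int reg(struct registry *r, void *item) {
    int i = pick_slot_checked(r);
    if (i < 0) return -1;          /* refuse instead of writing past the array */
    r->slots[i] = item;
    r->count++;
    return i;
}

void unreg(struct registry *r, int i) {
    if (i >= 0 && i < SLOT_MAX && r->slots[i]) { r->slots[i] = NULL; r->count--; }
}

int main(void) {
    static int dev[SLOT_MAX];
    struct registry r = { {NULL}, 0 };
    for (int i = 0; i < SLOT_MAX; i++) reg(&r, &dev[i]);
    r.count = SLOT_MAX - 1;        /* constructed: count disagrees with a full array */
    printf("count-only=%d checked=%d\n", pick_slot_count_only(&r), pick_slot_checked(&r));
    return 0;
}
```

With the array full and the count one short, the count-only guard selects index SLOT_MAX, one past the last element, while the checked version refuses the registration.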

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5c3f5a25c62230b7965804ce7a2e9305c3ca3961

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 806f85bdd3a60187c21437fc51baace11f659f35
