CVE-2025-38630
Published: Aug 22, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fb_modelist. If that happens, the modelist stays empty but the driver continues to register. Add a check for its return value to prevent poteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 ("fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var").
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c - < 69373502c2b5d364842c702c941d1171e4f35a7caffected 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c - < f00c29e6755ead56baf2a9c1d3c4c0bb40af3612affected 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c - < cca8f5a3991916729b39d797d01499c335137319affected 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c - < ac16154cccda8be10ee3ae188f10a06f3890bc5daffected 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c - < 4b5d36cc3014986e6fac12eaa8433fe56801d4ce+4 more versions |
Linux | Linux | affected 3.11unaffected 0 - < 3.11unaffected 5.4.297 - <= 5.4.*unaffected 5.10.241 - <= 5.10.*unaffected 5.15.190 - <= 5.15.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now