CVE-2026-45958
published 2026-05-27CVE-2026-45958: In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In…
high7.1CVSS 3.1
AVLACLPRLUINSUCHINAH
In the Linux kernel, the following vulnerability has been resolved:
drm/exynos: vidi: fix to avoid directly dereferencing user pointer
In vidi_connection_ioctl(), vidi->edid(user pointer) is directly
dereferenced in the kernel.
This allows arbitrary kernel memory access from the user space, so instead
of directly accessing the user pointer in the kernel, we should modify it
to copy edid to kernel memory using copy_from_user() and use it.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux | — | — |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < 13537f7f6d28a87ee2e496e071b6ad9541905f23 | 13537f7f6d28a87ee2e496e071b6ad9541905f23 |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < c2914c0ca7557c6c5c845621cb6d6c9f26ab5a8c | c2914c0ca7557c6c5c845621cb6d6c9f26ab5a8c |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < 7efb6a4e6b1b523e744d17e6249757ed97caae7c | 7efb6a4e6b1b523e744d17e6249757ed97caae7c |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < 2e147aa3169b83eaf044776f81d86235bf147de1 | 2e147aa3169b83eaf044776f81d86235bf147de1 |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < 4c4193829109f38b2855de77981adc2e066286c7 | 4c4193829109f38b2855de77981adc2e066286c7 |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < 4949e32387fe315b59ad5f422c9fc52836fbdd1e | 4949e32387fe315b59ad5f422c9fc52836fbdd1e |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < 235d702b771416b8a61e81bb09ba39282e4268fd | 235d702b771416b8a61e81bb09ba39282e4268fd |
| linux | linux | >= b73d12303ecfc91123363d8900e127da44bf42a6 < d4c98c077c7fb2dfdece7d605e694b5ea2665085 | d4c98c077c7fb2dfdece7d605e694b5ea2665085 |
| linux | linux_kernel | — | — |