CVE-2025-40322
BaseFortify
Publication date: 2025-12-08
Last updated on: 2025-12-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a global out-of-bounds read in the Linux kernel's fbdev bitblit component. Specifically, the functions bit_putcs_aligned() and bit_putcs_unaligned() derived a glyph pointer from a character value masked by 0xff or 0x1ff, which could exceed the actual number of glyphs in the font. This caused the system to read memory beyond the end of the built-in font array. The fix clamps the glyph index to the actual glyph count before accessing the address, preventing the out-of-bounds read.
How can this vulnerability impact me? :
This vulnerability can lead to a global out-of-bounds read in the Linux kernel, which may cause system instability, crashes, or potentially expose sensitive memory contents. Although it is a read-only issue, it could be exploited to leak information or cause denial of service.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to a Linux kernel version that includes the fix for the bitblit glyph index bound-check issue in bit_putcs_aligned()/unaligned() functions to prevent out-of-bounds reads.