PT-2025-17666 · Linux+4 · Linux Kernel+4
Published
2025-04-23
·
Updated
2026-05-26
·
CVE-2025-40322
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A flaw exists in the Linux kernel’s fbdev component related to bitblit operations and glyph indexing within the
bit putcs function. Specifically, the glyph pointer calculation in bit putcs aligned() and bit putcs unaligned() did not adequately bound-check the glyph index, potentially leading to an out-of-bounds read when accessing the built-in font array. This occurs when the character value, masked, results in an index exceeding the font’s actual glyph count. The issue was identified by syzbot.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Linuxmint
Linux Kernel
Rocky Linux
Ubuntu