PT-2025-49378 · Linux+4 · Linux Kernel+4

Published 2025-12-06 · Updated 2026-05-26 · CVE-2025-40277

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the drm/vmwgfx module where command header size validation against SVGA_CMD_MAX_DATASIZE is insufficient. Data originating from userspace, used in buffer offset calculations, could lead to an out-of-bounds access due to a potential overflow. The SVGA_CMD_MAX_DATASIZE variable is involved in this issue.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related Identifiers

ALSA-2026:0453
ALSA-2026:0793
ALSA-2026:1142
ALSA-2026:1148
CVE-2025-40277
DLA-4404-1
ECHO-2AEF-FED8-D25D
MGASA-2026-0017
MGASA-2026-0018
OESA-2026-1759
OESA-2026-1760
OESA-2026-1761
OPENSUSE-SU-2026:20145-1
RHSA-2026:0453
RHSA-2026:0793
RHSA-2026:0917
RHSA-2026:1142
RHSA-2026:1148
RHSA-2026:1194
RHSA-2026:1236
RHSA-2026:1441
RHSA-2026:1442
RHSA-2026:1443
RHSA-2026:1445
RHSA-2026:1494
RHSA-2026:1495
RHSA-2026:1512
RHSA-2026:1886
SUSE-SU-2026:0263-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0350-1
SUSE-SU-2026:0369-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1
ZDI-26-232

Affected Products

Debian
Linuxmint
Linux Kernel
Rocky Linux
Ubuntu