PT-2025-49436 · Linux+4 · Linux Kernel+4

Published

2025-10-04

·

Updated

2026-05-07

·

CVE-2025-40304

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw exists in the Linux kernel's fbdev component related to insufficient bounds checking within the bit putcs function. This can lead to out-of-bounds writes when rendering text near the edges of the screen, specifically when using vmalloc. The issue arises from mismatched parameters passed to bit putcs aligned and bit putcs unaligned due to an incorrect character count update during image clipping. This allows writes beyond the allocated framebuffer boundaries.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALSA-2026:2282
ALSA-2026:2720
ALSA-2026:2722
ALSA-2026:2821
BDU:2026-01308
CVE-2025-40304
DLA-4404-1
ECHO-E7F2-DA49-1017
MGASA-2026-0017
MGASA-2026-0018
OESA-2026-1303
OESA-2026-1304
OESA-2026-1305
OPENSUSE-SU-2026:20145-1
RHSA-2026:1727
RHSA-2026:2282
RHSA-2026:2490
RHSA-2026:2535
RHSA-2026:2560
RHSA-2026:2573
RHSA-2026:2577
RHSA-2026:2583
RHSA-2026:2664
RHSA-2026:2720
RHSA-2026:2722
RHSA-2026:2759
RHSA-2026:2766
RHSA-2026:2821
RHSA-2026:3360
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0316-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Rocky Linux
Ubuntu