PT-2026-27682 · Vmwgfx+1 · Vmwgfx+1

Published

2026-01-01

·

Updated

2026-05-22

·

CVE-2026-23317

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The vmw translate ptr functions within the vmwgfx module of the Linux kernel incorrectly returned values after a code change related to pointer lookups. A previous implementation used a lookup function returning a pointer, which was then changed to a function returning an error code with the pointer as an out parameter. The error handling path was not updated to reflect this change, leading to the functions potentially returning success when they actually failed. This could result in uninitialized and out-of-bounds accesses.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Weakness Enumeration

CWE-908

Related Identifiers

CVE-2026-23317
ECHO-90E4-A635-FDB6
OESA-2026-2311
OESA-2026-2418
OPENSUSE-SU-2026:20826-1
SUSE-SU-2026:1573-1
SUSE-SU-2026:1574-1
SUSE-SU-2026:1606-1
SUSE-SU-2026:1643-1
SUSE-SU-2026:1661-1
SUSE-SU-2026:21114-1
SUSE-SU-2026:21123-1
SUSE-SU-2026:21255-1
SUSE-SU-2026:2134-1
SUSE-SU-2026:2149-1
SUSE-SU-2026:2159-1
SUSE-SU-2026:2172-1
SUSE-SU-2026:2176-1
SUSE-SU-2026:2181-1
SUSE-SU-2026:21841-1
SUSE-SU-2026:21845-1
SUSE-SU-2026:21860-1
SUSE-SU-2026:21886-1
SUSE-SU-2026:21887-1
SUSE-SU-2026:21888-1
SUSE-SU-2026:21889-1
SUSE-SU-2026:21890-1
SUSE-SU-2026:21891-1
SUSE-SU-2026:21892-1
SUSE-SU-2026:21893-1
SUSE-SU-2026:21896-1
SUSE-SU-2026:21900-1
SUSE-SU-2026:21901-1
SUSE-SU-2026:21902-1
SUSE-SU-2026:21903-1
SUSE-SU-2026:21904-1
SUSE-SU-2026:21905-1
SUSE-SU-2026:21906-1
SUSE-SU-2026:21907-1
SUSE-SU-2026:21910-1
SUSE-SU-2026:21921-1
SUSE-SU-2026:21922-1
SUSE-SU-2026:21923-1
SUSE-SU-2026:21924-1
SUSE-SU-2026:21925-1
SUSE-SU-2026:21926-1
SUSE-SU-2026:21927-1
SUSE-SU-2026:21928-1
SUSE-SU-2026:21929-1
SUSE-SU-2026:21932-1
SUSE-SU-2026:21933-1
SUSE-SU-2026:21934-1
SUSE-SU-2026:21935-1
SUSE-SU-2026:21936-1
SUSE-SU-2026:21937-1
SUSE-SU-2026:21938-1
SUSE-SU-2026:21939-1
SUSE-SU-2026:21942-1
SUSE-SU-2026:21958-1
SUSE-SU-2026:21959-1
SUSE-SU-2026:21960-1
SUSE-SU-2026:21962-1
SUSE-SU-2026:21963-1
SUSE-SU-2026:21969-1
SUSE-SU-2026:21970-1
SUSE-SU-2026:21972-1
SUSE-SU-2026:21979-1
SUSE-SU-2026:21982-1
SUSE-SU-2026:21983-1
SUSE-SU-2026:2199-1

Affected Products

Linux Kernel
Vmwgfx