Back to CVE List

CVE-2026-45958

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.1 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved:

drm/exynos: vidi: fix to avoid directly dereferencing user pointer

In vidi_connection_ioctl(), vidi->edid(user pointer) is directly
dereferenced in the kernel.

This allows arbitrary kernel memory access from the user space, so instead
of directly accessing the user pointer in the kernel, we should modify it
to copy edid to kernel memory using copy_from_user() and use it.

Vulnerability Details

Published Date
Last Modified
Source
NVD
Vendor
Linux
Product
Linux

External References

Discussion (0)

Add Comment

No comments yet. Be the first!