HIGHCVE-2026-45958Published Modified CNA Linux
CVE-2026-45958: drm/exynos: vidi: fix to avoid directly dereferencing user pointer
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidi_connection_ioctl(), vidi->edid(user pointer) is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead of directly accessing the user pointer in the kernel, we should modify it to copy edid to kernel memory using copy_from_user() and use it.
Metrics
- CVSS v3.1
- 7.1
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
013537f7f6d28a87ee2e496e071b6ad9541905f23235d702b771416b8a61e81bb09ba39282e4268fd2e147aa3169b83eaf044776f81d86235bf147de14949e32387fe315b59ad5f422c9fc52836fbdd1e4c4193829109f38b2855de77981adc2e066286c75.10.2535.15.2036.1.1676.6.1306.12.776.18.146.19.47.07efb6a4e6b1b523e744d17e6249757ed97caae7cc2914c0ca7557c6c5c845621cb6d6c9f26ab5a8cd4c98c077c7fb2dfdece7d605e694b5ea2665085
Affected packages
- Linux / Linux< 13537f7f6d28a87ee2e496e071b6ad9541905f23 (from b73d12303ecfc91123363d8900e127da44bf42a6) · < c2914c0ca7557c6c5c845621cb6d6c9f26ab5a8c (from b73d12303ecfc91123363d8900e127da44bf42a6) · < 7efb6a4e6b1b523e744d17e6249757ed97caae7c (from b73d12303ecfc91123363d8900e127da44bf42a6) · < 2e147aa3169b83eaf044776f81d86235bf147de1 (from b73d12303ecfc91123363d8900e127da44bf42a6) · < 4c4193829109f38b2855de77981adc2e066286c7 (from b73d12303ecfc91123363d8900e127da44bf42a6) · < 4949e32387fe315b59ad5f422c9fc52836fbdd1e (from b73d12303ecfc91123363d8900e127da44bf42a6)
- Linux / Linux3.4Fixed in 0, 5.10.253, 5.15.203, 6.1.167, 6.6.130, 6.12.77, 6.18.14, 6.19.4, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H