VYPR
High severity7.8NVD Advisory· Published Sep 4, 2025· Updated May 12, 2026

CVE-2025-38702

CVE-2025-38702

Description

In the Linux kernel, the following vulnerability has been resolved:

fbdev: fix potential buffer overflow in do_register_framebuffer()

The current implementation may lead to buffer overflow when: 1. Unregistration creates NULL gaps in registered_fb[] 2. All array slots become occupied despite num_registered_fb < FB_MAX 3. The registration loop exceeds array bounds

Add boundary check to prevent registered_fb[FB_MAX] access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

127

Patches

Vulnerability mechanics

References

9

News mentions

1