VYPR
Unrated severityNVD Advisory· Published Dec 6, 2025· Updated Apr 15, 2026

CVE-2025-40277

CVE-2025-40277

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

259

Patches

Vulnerability mechanics

References

8

News mentions

1