High severity7.1NVD Advisory· Published May 27, 2026· Updated Jun 16, 2026
CVE-2026-45958
CVE-2026-45958
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/exynos: vidi: fix to avoid directly dereferencing user pointer
In vidi_connection_ioctl(), vidi->edid(user pointer) is directly dereferenced in the kernel.
This allows arbitrary kernel memory access from the user space, so instead of directly accessing the user pointer in the kernel, we should modify it to copy edid to kernel memory using copy_from_user() and use it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- git.kernel.org/stable/c/13537f7f6d28a87ee2e496e071b6ad9541905f23nvdPatch
- git.kernel.org/stable/c/235d702b771416b8a61e81bb09ba39282e4268fdnvdPatch
- git.kernel.org/stable/c/2e147aa3169b83eaf044776f81d86235bf147de1nvdPatch
- git.kernel.org/stable/c/4949e32387fe315b59ad5f422c9fc52836fbdd1envdPatch
- git.kernel.org/stable/c/4c4193829109f38b2855de77981adc2e066286c7nvdPatch
- git.kernel.org/stable/c/7efb6a4e6b1b523e744d17e6249757ed97caae7cnvdPatch
- git.kernel.org/stable/c/c2914c0ca7557c6c5c845621cb6d6c9f26ab5a8cnvdPatch
- git.kernel.org/stable/c/d4c98c077c7fb2dfdece7d605e694b5ea2665085nvdPatch
News mentions
0No linked articles in our index yet.