CVE-2025-40277 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/32b415a9dc2c212e809b7ebc2b14bc3fbda2b9af
https://git.kernel.org/stable/c/54d458b244893e47bda52ec3943fdfbc8d7d068b
https://git.kernel.org/stable/c/5aea2cde03d4247cdcf53f9ab7d0747c9dca1cfc
https://git.kernel.org/stable/c/709e5c088f9c99a5cf2c1d1c6ce58f2cca7ab173
https://git.kernel.org/stable/c/a3abb54c27b2c393c44362399777ad2f6e1ff17e
https://git.kernel.org/stable/c/b5df9e06eed3df6a4f5c6f8453013b0cabb927b4
https://git.kernel.org/stable/c/e58559845021c3bad5e094219378b869157fad53
https://git.kernel.org/stable/c/f3f3a8eb3f0ba799fae057091d8c67cca12d6fa0

History

Sat, 06 Dec 2025 22:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access.
Title		drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/32b415a9dc2c212e809b7ebc2b14bc3fbda2b9af https://git.kernel.org/stable/c/54d458b244893e47bda52ec3943fdfbc8d7d068b https://git.kernel.org/stable/c/5aea2cde03d4247cdcf53f9ab7d0747c9dca1cfc https://git.kernel.org/stable/c/709e5c088f9c99a5cf2c1d1c6ce58f2cca7ab173 https://git.kernel.org/stable/c/a3abb54c27b2c393c44362399777ad2f6e1ff17e https://git.kernel.org/stable/c/b5df9e06eed3df6a4f5c6f8453013b0cabb927b4 https://git.kernel.org/stable/c/e58559845021c3bad5e094219378b869157fad53 https://git.kernel.org/stable/c/f3f3a8eb3f0ba799fae057091d8c67cca12d6fa0

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-06T21:51:00.437Z

Updated: 2025-12-06T21:51:00.437Z

Reserved: 2025-04-16T07:20:57.184Z

Link: CVE-2025-40277

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-06T22:15:55.560

Modified: 2025-12-06T22:15:55.560

Link: CVE-2025-40277

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object