CVE-2026-45958
7.1 HIGHIn the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer ...
Published: 2026-05-27 · Last updated: 2026-06-16
Severity and scoring
- CVSS
- 7.1 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
- CWE
- CWE-476
Affected products
| Vendor | Product |
|---|---|
| linux | linux_kernel |
Description
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidi_connection_ioctl(), vidi->edid(user pointer) is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead of directly accessing the user pointer in the kernel, we should modify it to copy edid to kernel memory using copy_from_user() and use it.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-45958
- [Patch]https://git.kernel.org/stable/c/13537f7f6d28a87ee2e496e071b6ad9541905f23
- [Patch]https://git.kernel.org/stable/c/235d702b771416b8a61e81bb09ba39282e4268fd
- [Patch]https://git.kernel.org/stable/c/2e147aa3169b83eaf044776f81d86235bf147de1
- [Patch]https://git.kernel.org/stable/c/4949e32387fe315b59ad5f422c9fc52836fbdd1e
- [Patch]https://git.kernel.org/stable/c/4c4193829109f38b2855de77981adc2e066286c7
- [Patch]https://git.kernel.org/stable/c/7efb6a4e6b1b523e744d17e6249757ed97caae7c
- [Patch]https://git.kernel.org/stable/c/c2914c0ca7557c6c5c845621cb6d6c9f26ab5a8c
- [Patch]https://git.kernel.org/stable/c/d4c98c077c7fb2dfdece7d605e694b5ea2665085
Related CVEs
Same vendor
- CVE-2026-46273 — In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapt... (8.6 HIGH)
- CVE-2026-46272 — In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode ... (4.7 MEDIUM)
- CVE-2026-46271 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi... (7.8 HIGH)
- CVE-2026-46270 — In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed() ... (8.4 HIGH)
- CVE-2026-46269 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing dev... (5.5 MEDIUM)
Same CWE
- CVE-2026-12329 — Memory safety bug fixed in Thunderbird ESR 140.12 (5.3 MEDIUM)
- CVE-2025-70102 — A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options (6.3 MEDIUM)
- CVE-2025-55663 — A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Den... (5.5 MEDIUM)
- CVE-2025-55649 — A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC MP4Box v2.4 allows attackers to cause a De... (5.5 MEDIUM)
- CVE-2025-55643 — A NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Den... (5.5 MEDIUM)