Linux Kernel Subtraction Overflow Vulnerability in drm/i915 Selftests

Vulnerability

A subtraction overflow vulnerability has been identified in the Linux kernel's drm/i915 selftests. This issue arises on certain machines where the variable hole_end can be small enough to trigger a subtraction overflow. Conversely, in mock tests, the expression (addr + 2 * min_alignment) can also overflow. The vulnerability has been addressed in a patch that accommodates both scenarios.

Impact

Exploitation of this vulnerability could lead to a subtraction overflow, potentially causing undefined behavior or allowing for memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Subtraction Overflow Vulnerability in drm/i915 Selftests

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating