Primary

Context

Linux Kernel Memory Corruption Vulnerability in HDMI Driver via Bridge Counter Overflow

Vulnerability

A memory corruption vulnerability has been identified in the Linux kernel's HDMI driver for the MSM graphics subsystem. This issue arises from a lack of proper validation on the number of bridge connections, which can lead to data being written beyond the limits of a fixed-size array. The vulnerability is present in versions of the Linux kernel prior to the latest stable release.

Impact

Exploitation of this vulnerability can lead to memory corruption, potentially allowing for arbitrary code execution or causing a system crash.

Reproduction

The vulnerability can be reproduced by configuring an HDMI device with more than eight bridge connections. The HDMI driver will attempt to process these bridges, but the missing sanity check will allow data to be written beyond the allocated array, causing memory corruption.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability.

Added: Oct 1, 2025, 12:57 PM

Updated: Oct 1, 2025, 12:57 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.3

remediation

7.7

relevance

0.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.3

remediation

7.7

relevance

0.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Memory Corruption Vulnerability in HDMI Driver via Bridge Counter Overflow

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating