Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Framebuffer Out-of-Bounds Write Vulnerability

Vulnerability

A vulnerability in the Linux kernel's framebuffer (fbdev) component allows for out-of-bounds writes, which can lead to memory corruption. This issue arises in the 'bit_putcs' function, where text rendering near the edges of the screen can overwrite memory outside the intended framebuffer boundaries. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can cause out-of-bounds writes, leading to memory corruption.

Reproduction

The vulnerability can be reproduced by rendering text with the 'bit_putcs' function in a way that the Y position is off-screen or the X position exceeds the screen's width. This can be done by manipulating the image's width and height parameters to bypass the framebuffer's boundary checks.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched.

Added: Dec 8, 2025, 1:41 AM
Updated: Dec 8, 2025, 1:41 AM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
1.3
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.