Security Advisory

CVE-2025-40277

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-06 21:51:00

Last updated 2026-05-11 21:46:14

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access.

← Browse all CVEs View on cve.org ↗