SB2025070518 - Out-of-bounds read in Linux kernel video console driver
Published: July 5, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2025-38213)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read in the vgacon_scroll() function in drivers/video/console/vgacon.c. A local user can trigger it to perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/2f4040a5855a59e48296f1b5a7cc0fceea3195b1
- https://git.kernel.org/stable/c/499b77fa1416a85fee106e60b240e912bca10cb8
- https://git.kernel.org/stable/c/843de5fbfe277e30fb333a7fa033b684c37829ac
- https://git.kernel.org/stable/c/864f9963ec6b4b76d104d595ba28110b87158003
- https://git.kernel.org/stable/c/9928ba7de39793a1c7c77b8b9e6ecf6209110311
- https://git.kernel.org/stable/c/bf9c07864765864b968e59c7b72db91130d621ca
- https://git.kernel.org/stable/c/e44532b1c358bfd2c4c7dc28fd01d47fef09ac70
- https://git.kernel.org/stable/c/f20fd54af4e1077fdbca4dd98375a4d1d941e50d