CVE-2025-38312

Summary

In the Linux kernel, the following vulnerability has been resolved:

fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()

In fb_find_mode_cvt(), iff mode->refresh somehow happens to be 0x80000000, cvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fb_cvt_hperiod(), where it's used as a divider – division by 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to avoid such overflow…

Found by Linux Verification Center (linuxtesting.org) with the Svace static analysis tool.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < 9027ce4c037b566b658b8939a76326b7125e3627affected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < 610f247f2772e4f92b63442125a1b7ade79898d8affected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < 2d63433e8eaa3c91b2948190e395bc67009db0d9affected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < 54947530663edcbaaee1314c01fdd8c72861b124affected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < ab91647acdf43b984824776559a452212eaeb21aaffected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < b235393b9f43ff86a38ca2bde6372312ea215dc5affected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < 53784073cbad18f75583fd3da9ffdfc4d1f05405affected
LinuxLinux96fe6a2109db29cd15b90a093c16e6cb4b19371a < 3f6dae09fc8c306eb70fdfef70726e1f154e173aaffected
LinuxLinux2.6.14affected
LinuxLinux0 < 2.6.14unaffected
LinuxLinux5.4.295 <= 5.4.*unaffected
LinuxLinux5.10.239 <= 5.10.*unaffected
LinuxLinux5.15.186 <= 5.15.*unaffected
LinuxLinux6.1.142 <= 6.1.*unaffected
LinuxLinux6.6.94 <= 6.6.*unaffected
LinuxLinux6.12.34 <= 6.12.*unaffected
LinuxLinux6.15.3 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References