Updated: 2026-01-19 02:08:26.616088
Description:
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent structure instead of to the drm_vmw_event_fence which is supposed to be read. drm_read uses the length parameter to copy the event to the user space thus resuling in oob reads.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.1 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.1 | HIGH | Released | CLSA-2025:1743193221 | 2024-09-02 17:24:07 | |
| CentOS 6 ELS | kernel | 2.6.32 | 7.1 | HIGH | Released | CLSA-2024:1724774331 | 2024-09-09 12:14:17 | |
| CentOS 7 ELS | kernel | 3.10.0 | 7.1 | HIGH | Released | CLSA-2024:1724693366 | 2024-09-09 12:14:11 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.1 | HIGH | Released | CLSA-2024:1725872696 | 2024-09-09 05:24:15 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.1 | HIGH | Released | CLSA-2024:1725876080 | 2024-09-09 12:14:15 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.1 | HIGH | Released | CLSA-2024:1725871927 | 2024-09-09 05:24:14 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.1 | HIGH | Ignored | 2024-10-09 03:50:18 | ||
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.1 | HIGH | Ignored | 2025-01-10 22:43:44 | CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo... | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.1 | HIGH | Released | CLSA-2024:1725187614 | 2024-09-01 12:13:08 | |
| Oracle Linux 7 ELS | kernel | 3.10.0 | 7.1 | HIGH | Released | CLSA-2025:1742322442 | 2025-05-12 04:18:20 |