drm/exynos: vidi: fix to avoid directly dereferencing user pointer_CVE-2026-45958

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/exynos: vidi: fix to avoid directly dereferencing user pointer\n\nIn vidi_connection_ioctl(), vidi->edid(user pointer) is directly\ndereferenced in the kernel.\n\nThis allows arbitrary kernel memory access from the user space, so instead\nof directly accessing the user pointer in the kernel, we should modify it\nto copy edid to kernel memory using copy_from_user() and use it.",
    "published": "2026-05-27T12:18:14.878Z",
    "modified": "2026-05-30T10:46:15.152Z",
    "type": "cve",
    "title": "drm/exynos: vidi: fix to avoid directly dereferencing user pointer",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/13537f7f6d28a87ee2e496e071b6ad9541905f23\nhttps://git.kernel.org/stable/c/c2914c0ca7557c6c5c845621cb6d6c9f26ab5a8c\nhttps://git.kernel.org/stable/c/7efb6a4e6b1b523e744d17e6249757ed97caae7c\nhttps://git.kernel.org/stable/c/2e147aa3169b83eaf044776f81d86235bf147de1\nhttps://git.kernel.org/stable/c/4c4193829109f38b2855de77981adc2e066286c7\nhttps://git.kernel.org/stable/c/4949e32387fe315b59ad5f422c9fc52836fbdd1e\nhttps://git.kernel.org/stable/c/235d702b771416b8a61e81bb09ba39282e4268fd\nhttps://git.kernel.org/stable/c/d4c98c077c7fb2dfdece7d605e694b5ea2665085",
    "id": "CVE-2026-45958",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux b73d12303ecfc91123363d8900e127da44bf42a6\nLinux Linux 3.4",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "b73d12303ecfc91123363d8900e127da44bf42a6",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}