Acknowledged
Created: Oct 15, 2025
Updated: Oct 17, 2025
Found In Version: 10.25.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:

fbcon: fix integer overflow in fbcon_do_set_font

Fix integer overflow vulnerabilities in fbcon_do_set_font() where font
size calculations could overflow when handling user-controlled font
parameters.

The vulnerabilities occur when:
1. CALC_FONTSZ(h, pitch, charcount) performs h * pitch * charcount
   multiplication with user-controlled values that can overflow.
2. FONT_EXTRA_WORDS * sizeof(int) + size addition can also overflow
3. This results in smaller allocations than expected, leading to buffer
   overflows during font data copying.

Add explicit overflow checking using check_mul_overflow() and
check_add_overflow() kernel helpers to safely validate all size
calculations before allocation.
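The following is an added user-space model of the size calculation described in the commit message above; it is not the kernel's code or the actual patch. It assumes the kernel definitions CALC_FONTSZ(h, p, c) = h * p * c and FONT_EXTRA_WORDS = 4, uses the GCC/Clang __builtin_mul_overflow() and __builtin_add_overflow() primitives that the kernel's check_mul_overflow()/check_add_overflow() wrap, and uses constructed font parameters that are chosen to wrap a 32-bit product. It shows why the unchecked arithmetic yields an allocation far smaller than the bytes the font copy would write, and how the checked form rejects the same input.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed kernel definitions (drivers/video/fbdev/core/fbcon.h,
 * include/linux/font.h); values are assumptions for this model. */
#define FONT_EXTRA_WORDS 4
#define CALC_FONTSZ(h, p, c) ((h) * (p) * (c))

/* Header bytes stored in front of the glyph data. */
#define FONT_HDR_BYTES ((unsigned int)(FONT_EXTRA_WORDS * sizeof(int)))

/* 'Before' pattern: unsigned 32-bit arithmetic silently wraps, so a large
 * charcount can make the requested allocation tiny. */
static unsigned int alloc_size_unchecked(unsigned int h, unsigned int pitch,
                                         unsigned int charcount)
{
    unsigned int size = CALC_FONTSZ(h, pitch, charcount);
    return FONT_HDR_BYTES + size;
}

/* 'After' pattern: every multiply and add is overflow-checked, mirroring the
 * check_mul_overflow()/check_add_overflow() idiom. Returns false on overflow. */
static bool font_alloc_size(unsigned int h, unsigned int pitch,
                            unsigned int charcount, unsigned int *total)
{
    unsigned int glyph_bytes, size;

    if (__builtin_mul_overflow(h, pitch, &glyph_bytes))
        return false;
    if (__builtin_mul_overflow(glyph_bytes, charcount, &size))
        return false;
    if (__builtin_add_overflow(FONT_HDR_BYTES, size, total))
        return false;
    return true;
}

/* Convenience wrapper: checked size, or 0 if any step overflowed. */
static unsigned int checked_alloc_size_or_zero(unsigned int h, unsigned int pitch,
                                               unsigned int charcount)
{
    unsigned int total;
    return font_alloc_size(h, pitch, charcount, &total) ? total : 0;
}

/* The copy loop writes h*pitch bytes per glyph for charcount glyphs. Compare
 * that true byte count (in 64 bits) with the wrapped allocation size. */
static bool copy_would_overflow(unsigned int h, unsigned int pitch,
                                unsigned int charcount)
{
    uint64_t bytes_written = (uint64_t)h * pitch * charcount;
    uint64_t bytes_allocated = alloc_size_unchecked(h, pitch, charcount);
    return bytes_written > bytes_allocated;
}

int main(void)
{
    /* Constructed inputs: 32 * 4 * 2^25 == 2^32, which wraps to 0. */
    unsigned int h = 32, pitch = 4, charcount = 1u << 25;

    printf("unchecked allocation: %u bytes\n",
           alloc_size_unchecked(h, pitch, charcount));
    printf("copy would write %llu bytes -> overflow: %s\n",
           (unsigned long long)h * pitch * charcount,
           copy_would_overflow(h, pitch, charcount) ? "yes" : "no");
    printf("checked allocation: %u (0 = rejected)\n",
           checked_alloc_size_or_zero(h, pitch, charcount));

    /* Constructed input that passes the multiply but wraps on the header add. */
    printf("add-overflow case: unchecked %u, checked %u\n",
           alloc_size_unchecked(1, 1, 0xFFFFFFF8u),
           checked_alloc_size_or_zero(1, 1, 0xFFFFFFF8u));

    /* A sane 8x16 font with 256 glyphs is accepted by both. */
    printf("sane font: unchecked %u, checked %u\n",
           alloc_size_unchecked(16, 1, 256),
           checked_alloc_size_or_zero(16, 1, 256));
    return 0;
}
```

The second constructed case matters because the multiply alone is not the whole problem: a product just below 2^32 passes the multiply check, and only the subsequent add of the header bytes wraps, which is why the fix checks the addition as well as the multiplications.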