CVE-2026-23317
Description
In the Linux kernel, the following vulnerability has been resolved:drm/vmwgfx: Return the correct value in vmw_translate_ptr functionsBefore the referenced fixes these functions used a lookup function thatreturned a pointer. This was changed to another lookup function thatreturned an error code with the pointer becoming an out parameter.The error path when the lookup failed was not changed to reflect thischange and the code continued to return the PTR_ERR of the nowuninitialized pointer. This could cause the vmw_translate_ptr functionsto return success when they actually failed causing further uninitializedand OOB accesses.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.013
Associated Vulnerability
No records foundPatch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234