{"id":"CVE-2025-38312","summary":"fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()\n\nIn fb_find_mode_cvt(), iff mode-\u003erefresh somehow happens to be 0x80000000,\ncvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's\nthen passed to fb_cvt_hperiod(), where it's used as a divider -- division\nby 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to\navoid such overflow...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.","modified":"2026-04-16T04:39:36.093596333Z","published":"2025-07-10T07:42:20.647Z","related":["SUSE-SU-2025:02846-1","SUSE-SU-2025:02853-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:02969-1","SUSE-SU-2025:02996-1","SUSE-SU-2025:02997-1","SUSE-SU-2025:03011-1","SUSE-SU-2025:03023-1","SUSE-SU-2025:20577-1","SUSE-SU-2025:20586-1","SUSE-SU-2025:20601-1","SUSE-SU-2025:20602-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38312.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2d63433e8eaa3c91b2948190e395bc67009db0d9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3f6dae09fc8c306eb70fdfef70726e1f154e173a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/53784073cbad18f75583fd3da9ffdfc4d1f05405"},{"type":"WEB","url":"https://git.kernel.org/stable/c/54947530663edcbaaee1314c01fdd8c72861b124"},{"type":"WEB","url":"https://git.kernel.org/stable/c/610f247f2772e4f92b63442125a1b7ade79898d8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9027ce4c037b566b658b8939a76326b7125e3627"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ab91647acdf43b984824776559a452212eaeb21a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b235393b9f43ff86a38ca2bde6372312ea215dc5"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38312.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38312"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"96fe6a2109db29cd15b90a093c16e6cb4b19371a"},{"fixed":"9027ce4c037b566b658b8939a76326b7125e3627"},{"fixed":"610f247f2772e4f92b63442125a1b7ade79898d8"},{"fixed":"2d63433e8eaa3c91b2948190e395bc67009db0d9"},{"fixed":"54947530663edcbaaee1314c01fdd8c72861b124"},{"fixed":"ab91647acdf43b984824776559a452212eaeb21a"},{"fixed":"b235393b9f43ff86a38ca2bde6372312ea215dc5"},{"fixed":"53784073cbad18f75583fd3da9ffdfc4d1f05405"},{"fixed":"3f6dae09fc8c306eb70fdfef70726e1f154e173a"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38312.json"}}],"schema_version":"1.7.5"}