Bug 2432675 (CVE-2026-23008)

Summary: CVE-2026-23008 kernel: drm/vmwgfx: Fix KMS with 3D on HW version 10
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A NULL pointer dereference vulnerability was found in the Linux kernel's VMware graphics (vmwgfx) driver. On VMware hardware version 10, which lacks GB Surfaces support, attempting to use 3D acceleration with KMS (Kernel Mode Setting) causes the driver to dereference a NULL backing buffer pointer for surface-backed framebuffers. This results in a kernel crash and black screen.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-01-25 15:02:52 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Fix KMS with 3D on HW version 10

HW version 10 does not have GB Surfaces so there is no backing buffer for
surface backed FBs. This would result in a nullptr dereference and crash
the driver causing a black screen.
Comment 1 Alexander B 2026-01-26 09:53:00 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026012537-CVE-2026-23008-d435@gregkh/T