You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 23158
About this tag
CVE-2025-23158 is a high-impact Linux kernel vulnerability in the Qualcomm VENUS video driver (venus hfi subsystem) that allows an out-of-bounds write via firmware-controlled corruption of a queue size field. Microsoft's advisory lists Azure Linux as a product that includes this open-source library and is therefore potentially affected, but this is a product-scoped attestation and does not guarantee that no other Microsoft product could contain the vulnerable code. Discussions on WindowsForum.com cover the technical details of the OOB write, the affected driver components, and the implications for Azure Linux and potentially other systems.
CVE-2025-23158 is a high‑impact Linux kernel defect in the Qualcomm/VENUS video driver (the venus hfi subsystem) that allows firmware‑controlled corruption of a queue size field to trigger an out‑of‑bounds write; Microsoft’s public advisory names Azure Linux as a product that “includes this...