cve-2026-45958

CVE-2026-45958 is a Linux kernel vulnerability in the Exynos DRM VIDI driver, where the vidi_connection_ioctl() function directly dereferences a user-supplied EDID pointer without first copying it into kernel memory. This flaw, assigned on May 27, 2026, is hardware-specific to Exynos devices and highlights the risks of improper kernel-user space boundary handling. While the bug is narrow and still awaiting NVD scoring, it serves as a reminder that obscure drivers can present significant attack surfaces. The fix is small, but the lesson underscores the importance of secure memory handling in kernel drivers. Administrators and device builders should treat this as a cautionary example rather than a widespread emergency.