CVE-2025-40110

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/vmwgfx: Fix a null-ptr access in the cursor snooper<br /> <br /> Check that the resource which is converted to a surface exists before<br /> trying to use the cursor snooper on it.<br /> <br /> vmw_cmd_res_check allows explicit invalid (SVGA3D_INVALID_ID) identifiers<br /> because some svga commands accept SVGA3D_INVALID_ID to mean "no surface",<br /> unfortunately functions that accept the actual surfaces as objects might<br /> (and in case of the cursor snooper, do not) be able to handle null<br /> objects. Make sure that we validate not only the identifier (via the<br /> vmw_cmd_res_check) but also check that the actual resource exists before<br /> trying to do something with it.<br /> <br /> Fixes unchecked null-ptr reference in the snooping code.