5.5

CVE-2022-48627

vt: fix memory overlapping when deleting chars in the buffer

In the Linux kernel, the following vulnerability has been resolved:

vt: fix memory overlapping when deleting chars in the buffer

A memory overlapping copy occurs when deleting a long line. This memory
overlapping copy can cause data corruption when scr_memcpyw is optimized
to memcpy because memcpy does not ensure its behavior if the destination
buffer overlaps with the source buffer. The line buffer is not always
broken, because the memcpy utilizes the hardware acceleration, whose
result is not deterministic.

Fix this problem by using replacing the scr_memcpyw with scr_memmovew.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.7 <= 4.19.312
LinuxLinux Kernel Version >= 4.20 < 5.4.274
LinuxLinux Kernel Version >= 5.5 < 5.10.132
LinuxLinux Kernel Version >= 5.11 < 5.15.56
LinuxLinux Kernel Version >= 5.16 < 5.18.13
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.28% 0.193
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Mailing List
https://git.kernel.org/stable/c/14d2cc21ca622310babf373e3a8f0b40acfe8265
Patch
https://git.kernel.org/stable/c/39cdb68c64d84e71a4a717000b6e5de208ee60cc
Patch
https://git.kernel.org/stable/c/57964a5710252bc82fe22d9fa98c180c58c20244
Patch
https://git.kernel.org/stable/c/815be99d934e3292906536275f2b8d5131cdf52c
Patch
https://git.kernel.org/stable/c/bfee93c9a6c395f9aa62268f1cedf64999844926
Patch
https://git.kernel.org/stable/c/c8686c014b5e872ba7e334f33ca553f14446fc29
Patch