7.1

CVE-2022-49948

vt: Clear selection before changing the font

In the Linux kernel, the following vulnerability has been resolved:

vt: Clear selection before changing the font

When changing the console font with ioctl(KDFONTOP) the new font size
can be bigger than the previous font. A previous selection may thus now
be outside of the new screen size and thus trigger out-of-bounds
accesses to graphics memory if the selection is removed in
vc_do_resize().

Prevent such out-of-memory accesses by dropping the selection before the
various con_font_set() console handlers are called.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.9.328
LinuxLinux Kernel Version >= 4.10 < 4.14.293
LinuxLinux Kernel Version >= 4.15 < 4.19.258
LinuxLinux Kernel Version >= 4.20 < 5.4.213
LinuxLinux Kernel Version >= 5.5 < 5.10.142
LinuxLinux Kernel Version >= 5.11 < 5.15.66
LinuxLinux Kernel Version >= 5.16 < 5.19.8
LinuxLinux Kernel Version6.0 Updaterc1
LinuxLinux Kernel Version6.0 Updaterc2
LinuxLinux Kernel Version6.0 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.116
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/c555cf04684fde39b5b0dd9fd80730030ee10c4a
Patch
https://git.kernel.org/stable/c/e9ba4611ddf676194385506222cce7b0844e708e
Patch
https://git.kernel.org/stable/c/f74b4a41c5d7c9522469917e3072e55d435efd9e
Patch
https://git.kernel.org/stable/c/1cf1930369c9dc428d827b60260c53271bff3285
Patch
https://git.kernel.org/stable/c/989201bb8c00b222235aff04e6200230d29dc7bb
Patch
https://git.kernel.org/stable/c/2535431ae967ad17585513649625fea7db28d4db
Patch
https://git.kernel.org/stable/c/c904fe03c4bd1f356a58797d39e2a5d0ca15cefc
Patch
https://git.kernel.org/stable/c/566f9c9f89337792070b5a6062dff448b3e7977f
Patch