CVE-2020-28915

Опубликовано: 16 нояб. 2020

Источник: redhat

CVSS3: 5.8

Описание

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

An out-of-bounds (OOB) memory access flaw was found in fbcon_get_font() in drivers/video/fbdev/core/fbcon.c in fbcon driver module in the Linux kernel. A bound check failure allows a local attacker with special user privilege to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to integrity and system availability.

Меры по смягчению последствий

Add 'nomodeset' option as kernel boot parameter to disable frame buffering (edit /etc/default/grub, and run 'grub2-mkconfig -o /boot/grub2/grub.cfg' and reboot).

# cat /proc/cmdline BOOT_IMAGE=(hd0,msdos1)/vmlinuz-4.18.0-147.el8.x86_64 root=/dev/mapper/rhel_rhel8u2--1-root ro crashkernel=auto resume=/dev/mapper/rhel_rhel8u2--1-swap rd.lvm.lv=rhel_rhel8u2-1/root rd.lvm.lv=rhel_rhel8u2-1/swap nomodeset # ls -l /dev/fb* ls: cannot access '/dev/fb*': No such file or directory

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Out of support scope
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Will not fix
Red Hat Enterprise Linux 7	kernel-alt	Will not fix
Red Hat Enterprise Linux 7	kernel-rt	Will not fix
Red Hat Enterprise MRG 2	kernel-rt	Will not fix
Red Hat Enterprise Linux 8	kernel-rt	Fixed	RHSA-2022:5344	28.06.2022
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2022:5316	30.06.2022
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2022:5316	30.06.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1899177kernel: out-of-bounds read in fbcon_get_font function

5.8 Medium

CVSS3

Связанные уязвимости

CVE-2020-28915

CVSS3: 5.8

ubuntu

больше 4 лет назад

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

CVE-2020-28915

CVSS3: 5.8

nvd

больше 4 лет назад

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

CVE-2020-28915

CVSS3: 5.8

msrc

больше 4 лет назад

Описание отсутствует

CVE-2020-28915

CVSS3: 5.8

debian

больше 4 лет назад

A buffer over-read (at the framebuffer layer) in the fbcon code in the ...

GHSA-v4w4-xxpq-3p77

github

около 3 лет назад

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

5.8 Medium

CVSS3