Description
When setting a font with malicious data via the ioctl cmd PIO_FONT, the kernel will write memory out of bounds.
An out-of-bounds write flaw was found in the Linux kernel’s console driver functionality in the way a user triggers the ioctl PIO_FONT with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Report
This flaw is rated as having a Moderate impact because only a local user with access to the VGA device can trigger it.
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | kernel | Out of support scope | | |
Red Hat Enterprise Linux 7 | kernel | Out of support scope | | |
Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | | |
Red Hat Enterprise Linux 9 | kernel | Affected | | |
Red Hat Enterprise Linux 9 | kernel-rt | Not affected | | |
Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2023:2736 | 16.05.2023 |
Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2023:2951 | 16.05.2023 |
Red Hat Enterprise Linux 8.6 Extended Update Support | kernel | Fixed | RHSA-2023:4789 | 29.08.2023 |
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2023:4789 | 29.08.2023 |
Additional information
Status:
EPSS
CVSS3: 6.8 Medium