5 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
6.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
0.0004 Low
EPSS
Percentile
5.3%
An out-of-bounds (OOB) SLAB memory access flaw was found in the Linux kernel’s fbcon driver module. A bounds check failure allows a local attacker with special user privileges to gain access to out-of-bounds memory, leading to a system crash or leaking of internal kernel information. The highest threat from this vulnerability is to system availability.
Add 'nomodeset' option as kernel boot parameter to disable frame buffering in /etc/default/grub, and run 'grub2-mkconfig -o /boot/grub2/grub.cfg' and reboot.
# cat /proc/cmdline
BOOT_IMAGE=(hd0,msdos1)/vmlinuz-4.18.0-147.el8.x86_64 root=/dev/mapper/rhel_rhel8u2--1-root ro crashkernel=auto resume=/dev/mapper/rhel_rhel8u2--1-swap rd.lvm.lv=rhel_rhel8u2-1/root rd.lvm.lv=rhel_rhel8u2-1/swap nomodeset
# ls -l /dev/fb*
ls: cannot access '/dev/fb*': No such file or directory
The above said mitigation does not so effect for rhel6 kernel , and is only applicable for rhel7/8.
5 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
6.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
0.0004 Low
EPSS
Percentile
5.3%