190 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: drm, fbcon, vgaswitcheroo: Avoid race conditions in the fbcon setup process. Protect the vgaswitcherooclientfbset function with a console lock. This prevents out-of-band OOB access in the fbconremapall function. Without holdin...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fbcon: check the return value of con2fbacquirenewinfo. If fbconopen fails when called from con2fbacquirenewinfo, then info-fbconpar pointer remains NULL, and this pointer will be dereferenced later. A check for the return value o...
Astra Linux – Vulnerability in Linux
A buffer overflow attack in fbcon in the Linux kernel before version 5.9.7 could be exploited by local attackers to read privileged information or potentially cause the kernel to crash. This issue is identified as CID-3c4e0dff2095. This vulnerability arises because the KDFONTOPCOPY function in...
SUSE CVE-2026-46191
In the Linux kernel, the following vulnerability has been resolved: fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbconrotatefont. The putcs implementations for the rotated buffer will return early in this case. S...
Linux Distros Unpatched Vulnerability : CVE-2026-46191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbconrotatefont. The putcs...
CVE-2026-46191
In the Linux kernel, the following vulnerability has been resolved: fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbconrotatefont. The putcs implementations for the rotated buffer will return early in this case. S...
CVE-2026-46191
CVE-2026-46191 concerns the Linux kernel fbcon component: when console rotation fails during fbcon_rotate_font(), the font buffer may overflow due to an OOB access. The fix clears the font buffer if the reallocation during console rotation fails and ensures the rotated buffer does not overflow. D...
CVE-2026-46191
In the Linux kernel, the following vulnerability has been resolved: fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbconrotatefont. The putcs implementations for the rotated buffer will return early in this case. S...
CVE-2026-46191 fbcon: Avoid OOB font access if console rotation fails
In the Linux kernel, the following vulnerability has been resolved: fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbconrotatefont. The putcs implementations for the rotated buffer will return early in this case. S...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the console rotation in fbcon; as a result, the font buffer is not cleared when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: Release the buffer when fbcondosetfont fails. syzbot is reporting a memory leak at fbcondosetfont, for the commit a5a923038d70 “fbdev: fbcon: Properly revert changes when vcresize fails”. It was overlooked that the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: The old font data is always restored in fbcondosetfont. The commit a5a923038d70 fbdev: fbcon: Properly revert changes when vcresize fails started restoring old font data upon failure of vcresize. However, this only applies...
SUSE CVE-2026-43123
In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...
CVE-2026-43123
A flaw was found in the fbcon component of the Linux kernel. A local user could exploit a missing return value check in the con2fbacquirenewinfo function. This oversight can lead to a null pointer dereference, potentially causing a system crash and resulting in a Denial of Service DoS...
EUVD-2026-27684
In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...
CVE-2026-43123
In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...
CVE-2026-43123
Summary: CVE-2026-43123 affects the Linux kernel’s fbcon component. The root cause is a missing return-value check in con2fb_acquire_newinfo(); if fbcon_open() fails during this call, info->fbcon_par may be NULL and dereferenced, potentially crashing the system. The provided documents indicate...
CVE-2026-43123 fbcon: check return value of con2fb_acquire_newinfo()
In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...
PT-2026-37463
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference occurs in the fbcon component. If the fbcon open function fails during a call from con2fb acquire newinfo, the info-fbcon par pointer remains NULL and is...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking of the return value of con2fbacquirenewinfo in the fbcon function. This...