190 matches found
AZL-27671 CVE-2023-38409 affecting package hyperv-daemons for versions less than 5.15.122.1-1
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
DEBIAN-CVE-2023-38409
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
AZL-27499 CVE-2023-38409 affecting package kernel for versions less than 5.15.122.1-2
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
UBUNTU-CVE-2023-38409
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
CVE-2023-38409
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
OESA-2023-1393 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. Quoting ZDI security advisory 1: "This vulnerability allows local attackers to disclose sensitive information on affected...
The vulnerability of the fbcon_set_font() function in the drivers/video/fbdev/core/fbcon.c file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the fbconsetfont function in the drivers/video/fbdev/core/fbcon.c file of the Linux kernel is related to integer overflow due to the lack of control over valid boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
CVE-2023-3161
CVE-2023-3161 : Linux Kernel fbcon has a shift-out-of-bounds in fbcon_set_font when font->width/height > 32, causing undefined behavior and potential denial of service. Connected documents corroborate the same fbcon font handling issue in the Linux kernel. The Astra Linux bulletin mentions ...
SUSE CVE-2020-28915
A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...
SUSE CVE-2020-28974
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KDFONTOPCOPY in drivers/tty/vt/vt.c can be used for manipulations such as font height...
GSD-2023-1001869 fbcon: Check font dimension limits
fbcon: Check font dimension limits This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit 5e7f6e2ade57dfd6d133ff7c643abd2079248943, i...
GSD-2023-1000978 fbdev: fbcon: release buffer when fbcon_do_set_font() failed
fbdev: fbcon: release buffer when fbcondosetfont failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000543 fbdev: fbcon: release buffer when fbcon_do_set_font() failed
fbdev: fbcon: release buffer when fbcondosetfont failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000330 fbcon: Use kzalloc() in fbcon_prepare_logo()
fbcon: Use kzalloc in fbconpreparelogo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...
GSD-2023-1000287 fbcon: Use kzalloc() in fbcon_prepare_logo()
fbcon: Use kzalloc in fbconpreparelogo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.227 by commit...
GSD-2023-1000227 fbcon: Use kzalloc() in fbcon_prepare_logo()
fbcon: Use kzalloc in fbconpreparelogo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...
GSD-2023-1000153 fbcon: Use kzalloc() in fbcon_prepare_logo()
fbcon: Use kzalloc in fbconpreparelogo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commit...
PT-2023-33407 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.269 Description: The issue is related to the use of kzalloc in fbcon prepare logo. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2023-33364 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.227 Description: The issue is related to the use of kzalloc in fbcon prepare logo. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2023-33304 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: The issue is related to the use of kzalloc in fbcon prepare logo. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...