16 matches found
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011312)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011312 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font failed syzbot is reporting memory leak at...
fbcon: fix integer overflow in fbcon_do_set_font
...
SUSE CVE-2022-50404
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font failed syzbot is reporting memory leak at fbcon_do_set_font [1], for commit a5a923038d70 "fbdev: fbcon: Properly revert changes when vc_resize failed" missed that the buffer might be new...
CVE-2022-50404
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font failed syzbot is reporting memory leak at fbcon_do_set_font [1], for commit a5a923038d70 "fbdev: fbcon: Properly revert changes when vc_resize failed" missed that the buffer might be new...
DEBIAN-CVE-2022-50404
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font failed syzbot is reporting memory leak at fbcon_do_set_font [1], for commit a5a923038d70 "fbdev: fbcon: Properly revert changes when vc_resize failed" missed that the buffer might be new...
kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds
An out-of-bounds write flaw was found in the Linux kernel’s console driver functionality in the way a user triggers the ioctl PIO_FONT with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CLSA-2022-1669238963 xterm: Fix of CVE-2022-45063
CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in xstrcasecmp and xstrncasecmp to help with error recovery for a missing font...
Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5605-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5605-1 advisory. Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5595-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5595-1 advisory. Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...
Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerability (USN-5591-4)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5591-4 advisory. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A loca...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5589-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5589-1 advisory. Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...
When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds.
...
DEBIAN-CVE-2021-33656
When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds...
Out-of-bounds
When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds...
PT-2022-4817 · Linux +9 · Linux Kernel +9
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a boundary error when setting a font with malicious data using the ioctl cmd PIO_FONT, which can cause the kernel to write memory out of bounds. This can...
SA-CONTRIB-2014-027 - NewsFlash Theme - XSS
Newsflash is a theme that features 7 color styles, 12 collapsible regions, suckerfish menus, fluid or fixed widths, built-in IE transparent PNG fix, and lots more. The theme does not sanitize the user provided theme setting for the font family CSS property, thereby exposing a cross-site scripting...