CVE-2022-49948
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
vt: Clear selection before changing the font
When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new screen size and thus trigger out-of-bounds accesses to graphics memory if the selection is removed in vc_do_resize().
Prevent such out-of-memory accesses by dropping the selection before the various con_font_set() console handlers are called.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < c555cf04684fde39b5b0dd9fd80730030ee10c4a | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < e9ba4611ddf676194385506222cce7b0844e708e | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < f74b4a41c5d7c9522469917e3072e55d435efd9e | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < 1cf1930369c9dc428d827b60260c53271bff3285 | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < 989201bb8c00b222235aff04e6200230d29dc7bb | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < 2535431ae967ad17585513649625fea7db28d4db | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < c904fe03c4bd1f356a58797d39e2a5d0ca15cefc | affected |
| Linux | Linux | 009e39ae44f4191188aeb6dfbf661b771dbbe515 < 566f9c9f89337792070b5a6062dff448b3e7977f | affected |
| Linux | Linux | e60f8fcce05042e8f8cea25ee81fecc1222114cf | affected |
| Linux | Linux | 5812a9bc9d68a82c2cc839f88e6f7a05093ab39d | affected |
| Linux | Linux | 863ad19fd654c485e3beec3575c4d74a1e74369e | affected |
| Linux | Linux | dbc3fd44f957a39407e889287bf61fa0ef3ecc14 | affected |
| Linux | Linux | 0b2a0a58ad22f9d6dfc641bc5ec46057493f22a5 | affected |
| Linux | Linux | 9f2d48f0745f921040df91bfe8fa7f0339cd7497 | affected |
| Linux | Linux | 3425e397fb23cc2e8e6fb8f5b8226dcb447e84dd | affected |
| Linux | Linux | eeae0a12a16650ff494d5faefa371cd9e7079575 | affected |
| Linux | Linux | 3.2.85 < 3.3 | affected |
| Linux | Linux | 3.10.105 < 3.11 | affected |
| Linux | Linux | 3.12.68 < 3.13 | affected |
| Linux | Linux | 3.16.40 < 3.17 | affected |
| Linux | Linux | 3.18.45 < 3.19 | affected |
| Linux | Linux | 4.1.36 < 4.2 | affected |
| Linux | Linux | 4.4.31 < 4.5 | affected |
| Linux | Linux | 4.8.7 < 4.9 | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 4.9.328 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.293 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.258 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.213 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.142 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.66 <= 5.15.* | unaffected |
| Linux | Linux | 5.19.8 <= 5.19.* | unaffected |
| Linux | Linux | 6.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/c555cf04684fde39b5b0dd9fd80730030ee10c4a
- https://git.kernel.org/stable/c/e9ba4611ddf676194385506222cce7b0844e708e
- https://git.kernel.org/stable/c/f74b4a41c5d7c9522469917e3072e55d435efd9e
- https://git.kernel.org/stable/c/1cf1930369c9dc428d827b60260c53271bff3285
- https://git.kernel.org/stable/c/989201bb8c00b222235aff04e6200230d29dc7bb
- https://git.kernel.org/stable/c/2535431ae967ad17585513649625fea7db28d4db
- https://git.kernel.org/stable/c/c904fe03c4bd1f356a58797d39e2a5d0ca15cefc
- https://git.kernel.org/stable/c/566f9c9f89337792070b5a6062dff448b3e7977f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.