PT-2023-3083 · Linux+7 · Linux Kernel+7
Sanan Hasanov
·
Publicado
2023-01-25
·
Atualizado
2025-03-11
·
CVE-2023-3161
CVSS v2.0
6.8
Média
| Vetor | AV:L/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux Kernel (affected versions not specified)
Description
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. The issue is related to the
fbcon set font() function, which is vulnerable to an integer overflow due to a lack of bounds checking. This can occur when font->width and font->height values greater than 32 are provided to fbcon set font(), leading to a shift-out-of-bounds and resulting in undefined behavior. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information, and may lead to a denial of service.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu