Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to v6.1.11

Description The issue is related to a use-after-free (UAF) problem in the vcs read() function. This function is used to read data from a virtual console screen. The UAF occurs because the struct vc data pointer is loaded after it has already been freed. The actual impact and attack plausibility of this issue have not yet been proven.

Recommendations For Linux Kernel versions prior to v6.1.11, update to version v6.1.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the vcs read() function until a patch is available.