PT-2022-1374 · Linux+9 · Linux Kernel+9

Jimmy

+1

·

Published

2022-07-08

·

Updated

2023-08-14

·

CVE-2021-33655

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a buffer overflow in the Linux kernel, allowing an attacker to write memory out of bounds. This can be achieved by sending malicious data to the kernel using the ioctl cmd FBIOPUT VSCREENINFO. The exploitation of this issue may allow an attacker to execute arbitrary code. A missing bounds check in the fbcon set font() function of fbcon.c can lead to a possible out of bounds write, resulting in local information disclosure without requiring additional execution privileges. User interaction is not needed for exploitation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:2148
ALSA-2023:2458
ALSA-2023:2736
ALSA-2023:2951
ALT-PU-2022-2497
ALT-PU-2022-2523
ALT-PU-2022-2915
ALT-PU-2022-2919
ALT-PU-2023-1224
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
ASB-A-240019719
AZL-10616
BDU:2022-04878
CESA-2023_2736
CESA-2023_2951
CVE-2021-33655
DLA-3131-1
DSA-5191-1
OESA-2022-1802
OPENSUSE-SU-2022_2722-1
OPENSUSE-SU-2022_2741-1
OPENSUSE-SU-2022_2803-1
OPENSUSE-SU-2022_2827-1
OPENSUSE-SU-2022_2875-1
RHSA-2023:2148
RHSA-2023:2458
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023_2148
RHSA-2023_2458
RHSA-2023_2736
RHSA-2023_2951
RHSA-2024:0930
SUSE-SU-2022:2719-1
SUSE-SU-2022:2720-1
SUSE-SU-2022:2721-1
SUSE-SU-2022:2722-1
SUSE-SU-2022:2723-1
SUSE-SU-2022:2741-1
SUSE-SU-2022:2803-1
SUSE-SU-2022:2808-1
SUSE-SU-2022:2809-1
SUSE-SU-2022:2827-1
SUSE-SU-2022:2840-1
SUSE-SU-2022:2875-1
SUSE-SU-2022:2875-2
SUSE-SU-2022:2892-1
SUSE-SU-2022:2892-2
SUSE-SU-2022:2910-1
SUSE-SU-2022:4024-1
SUSE-SU-2022:4027-1
SUSE-SU-2022:4033-1
SUSE-SU-2022:4035-1
SUSE-SU-2022:4100-1
SUSE-SU-2022:4112-1
SUSE-SU-2022:4113-1
SUSE-SU-2022:4129-1
SUSE-SU-2023:0416-1
USN-5577-1
USN-5580-1
USN-5596-1
USN-5621-1
USN-5622-1
USN-5623-1
USN-5624-1
USN-5630-1
USN-5633-1
USN-5635-1
USN-5639-1
USN-5640-1
USN-5644-1
USN-5647-1
USN-5648-1
USN-5650-1
USN-5652-1
USN-5654-1
USN-5655-1
USN-5660-1
USN-5683-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu