PT-2022-4817 · Linux+9 · Linux Kernel+9

Jimmy

+1

·

Published

2021-01-05

·

Updated

2025-04-02

·

CVE-2021-33656

CVSS v2.0

7.2

High

VectorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a boundary error when setting a font with malicious data using the ioctl cmd PIO FONT, which can cause the kernel to write memory out of bounds. This can potentially allow an attacker to initiate unlimited writing and execute arbitrary code with elevated privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:2736
ALSA-2023:2951
ALT-PU-2021-1447
ALT-PU-2021-1525
ALT-PU-2021-1869
ALT-PU-2021-1888
ALT-PU-2021-1896
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2022-2158
ALT-PU-2022-2185
ALT-PU-2022-2220
ALT-PU-2022-2261
ALT-PU-2022-2305
ALT-PU-2022-2426
BDU:2022-05829
CESA-2023_2736
CESA-2023_2951
CVE-2021-33656
DLA-3131-1
OESA-2022-1748
OESA-2022-1774
OPENSUSE-SU-2022_2741-1
OPENSUSE-SU-2022_2827-1
OPENSUSE-SU-2022_2875-1
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023:4789
RHSA-2023_2736
RHSA-2023_2951
SUSE-SU-2022:2719-1
SUSE-SU-2022:2720-1
SUSE-SU-2022:2721-1
SUSE-SU-2022:2723-1
SUSE-SU-2022:2741-1
SUSE-SU-2022:2808-1
SUSE-SU-2022:2809-1
SUSE-SU-2022:2827-1
SUSE-SU-2022:2840-1
SUSE-SU-2022:2875-1
SUSE-SU-2022:2875-2
SUSE-SU-2022:2892-1
SUSE-SU-2022:2892-2
SUSE-SU-2022:2910-1
SUSE-SU-2023:0416-1
USN-5580-1
USN-5589-1
USN-5591-1
USN-5591-2
USN-5591-3
USN-5591-4
USN-5592-1
USN-5595-1
USN-5597-1
USN-5598-1
USN-5600-1
USN-5603-1
USN-5605-1
USN-5650-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu