PT-2022-7654 · Linux+9 · Linux Kernel+9

Yangxi Xiang

·

Published

2022-06-30

·

Updated

2025-09-29

·

CVE-2022-48627

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a memory overlapping copy in the Linux kernel's vt component when deleting characters in the buffer. This can cause data corruption when scr memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken due to the use of hardware acceleration, whose result is not deterministic.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-787

Related Identifiers

ALSA-2024:3618
ALSA-2024:3627
ALSA-2024:4583
ALSA-2025_16880
BDU:2024-07839
CESA-2024_3618
CESA-2024_3627
CVE-2022-48627
DLA-3840-1
INFSA-2024_3618
INFSA-2024_3627
INFSA-2024_4583
OESA-2024-1496
OESA-2024-1497
OPENSUSE-SU-2024_0857-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
RHSA-2024:3618
RHSA-2024:3627
RHSA-2024:4533
RHSA-2024:4554
RHSA-2024:4583
RHSA-2024:5255
RHSA-2024_3618
RHSA-2024_3627
RHSA-2024_4583
RLSA-2024:3618
RLSA-2024:3627
RLSA-2024:4583
SUSE-SU-2024:0855-1
SUSE-SU-2024:0856-1
SUSE-SU-2024:0857-1
SUSE-SU-2024:0900-1
SUSE-SU-2024:0900-2
SUSE-SU-2024:0925-1
SUSE-SU-2024:0926-1
SUSE-SU-2024:0975-1
SUSE-SU-2024:0976-1
SUSE-SU-2024:0977-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu