PT-2024-11379 · Linux · Linux Kernel
Published: 2021-06-28 · Updated: 2025-12-10 · CVE-2021-47383
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue occurs when a userspace program performs an FBIOPUT_VSCREENINFO ioctl, passing an fb_var_screeninfo struct in which only the xres, yres and bits_per_pixel fields are set. If this struct is identical to the one passed in the previous ioctl, vc_resize() detects this and does not call resize_screen(), leaving fb_var_screeninfo incomplete. updatescrollmode() then calculates a wrong value for fbcon_display->vrows, so real_y() returns an incorrect y value. This incorrect value eventually causes imageblit to access an out-of-bounds address.
Recommendations
To solve this issue, the resize_screen() function is called even if the screen does not need resizing, ensuring that fb_var_screeninfo is "fixed and filled" independently.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration
Out-of-bounds Read
Related Identifiers
CVE-2021-47383
Affected Products
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse