A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2213485 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be | Patch |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
22 Jun 2023, 00:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be - Patch | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2213485 - Issue Tracking, Patch, Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
|
CWE | CWE-682 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Redhat enterprise Linux
Linux linux Kernel Linux Fedoraproject fedora Fedoraproject Redhat |
12 Jun 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-12 20:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-3161
Mitre link : CVE-2023-3161
CVE.ORG link : CVE-2023-3161
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux
fedoraproject
- fedora