Ubuntu.comUB:CVE-2022-48627CVE-2022-48627
In the Linux kernel, the following vulnerability has been resolved: vt: fix
memory overlapping when deleting chars in the buffer A memory overlapping
copy occurs when deleting a long line. This memory overlapping copy can
cause data corruption when scr_memcpyw is optimized to memcpy because
memcpy does not ensure its behavior if the destination buffer overlaps with
the source buffer. The line buffer is not always broken, because the memcpy
utilizes the hardware acceleration, whose result is not deterministic. Fix
this problem by using replacing the scr_memcpyw with scr_memmovew.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | linux | < 5.4.0-189.209 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux | < 5.15.0-50.56 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1128.138 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1021.25 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1021.25~20.04.1 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1133.140 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure | < 5.15.0-1021.26 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure-5.15 | < 5.15.0-1021.26~20.04.1 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-azure-5.4 | < 5.4.0-1133.140~18.04.1 | UNKNOWN |
References
git.kernel.org/linus/39cdb68c64d84e71a4a717000b6e5de208ee60cc (5.19-rc7)
launchpad.net/bugs/cve/CVE-2022-48627
nvd.nist.gov/vuln/detail/CVE-2022-48627
security-tracker.debian.org/tracker/CVE-2022-48627
ubuntu.com/security/notices/USN-6896-1
ubuntu.com/security/notices/USN-6896-2
ubuntu.com/security/notices/USN-6896-3
ubuntu.com/security/notices/USN-6896-4
ubuntu.com/security/notices/USN-6896-5
www.cve.org/CVERecord?id=CVE-2022-48627
Related
