LinuxVULNRICHMENT:CVE-2024-35823CVE-2024-35823 vt: fix unicode buffer corruption when deleting characters
In the Linux kernel, the following vulnerability has been resolved:
vt: fix unicode buffer corruption when deleting characters
This is the same issue that was fixed for the VGA text buffer in commit
39cdb68c64d8 (“vt: fix memory overlapping when deleting chars in the
buffer”). The cure is also the same i.e. replace memcpy() with memmove()
due to the overlaping buffers.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "fc7dfe3d123f",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "ff7342090c1e",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "1ce408f75ccf",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "0190d19d7651",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "994a1e583c0c",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "7529cbd8b5f6",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "2933b1e4757a",
"versionType": "git"
},
{
"status": "affected",
"version": "81732c3b2fed",
"lessThan": "1581dafaf0d3",
"versionType": "git"
}
],
"programFiles": [
"drivers/tty/vt/vt.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "3.7"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "3.7",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom",
"lessThanOrEqual": "6.1.*"
},
{
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom",
"lessThanOrEqual": "6.6.*"
},
{
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom",
"lessThanOrEqual": "6.7.*"
},
{
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/tty/vt/vt.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/0190d19d7651c08abc187dac3819c61b726e7e3f
git.kernel.org/stable/c/1581dafaf0d34bc9c428a794a22110d7046d186d
git.kernel.org/stable/c/1ce408f75ccf1e25b3fddef75cca878b55f2ac90
git.kernel.org/stable/c/2933b1e4757a0a5c689cf48d80b1a2a85f237ff1
git.kernel.org/stable/c/7529cbd8b5f6697b369803fe1533612c039cabda
git.kernel.org/stable/c/994a1e583c0c206c8ca7d03334a65b79f4d8bc51
git.kernel.org/stable/c/fc7dfe3d123f00e720be80b920da287810a1f37d
git.kernel.org/stable/c/ff7342090c1e8c5a37015c89822a68b275b46f8a
lists.debian.org/debian-lts-announce/2024/06/msg00017.html
lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Related
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial