blob: a4443837d923f873476191fe3192ebe918b6fd9d (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: vt: heap OOB read/write in vcs_scr_readw
References:
https://lore.kernel.org/lkml/c30fc539-68a8-65d7-226c-6f8e6fd8bdfb@suse.com/
https://lore.kernel.org/lkml/nycvar.YSQ.7.76.1911051030580.30289@knanqh.ubzr/
Notes:
bwh> Fix appears to be commit 0c9acb1af77a "vcs: prevent write access to
bwh> vcsu devices", which blames commit d21b0be246bf "vt: introduce unicode
bwh> mode for /dev/vcs" from 4.19.
carnil> Fixed as well in 5.4.3, 5.3.16 already.
Bugs:
upstream: released (5.5-rc1) [0c9acb1af77a3cb8707e43f45b72c95266903cee]
4.19-upstream-stable: released (4.19.89) [627f3b9e4dd812dac9d93e578af80de751e704a4]
4.9-upstream-stable: N/A "Vulnerability introduced later"
3.16-upstream-stable: N/A "Vulnerability introduced later"
sid: needed
4.19-buster-security: released (4.19.98-1)
4.9-stretch-security: N/A "Vulnerability introduced later"
3.16-jessie-security: N/A "Vulnerability introduced later"
|