blob: a947669455877d6ccde0f34530c172b21f15cbc5
Description:
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2078466
https://www.openwall.com/lists/oss-security/2022/05/27/2
Notes:
carnil> As of 2022-05-26 not many details provided in RH bugzilla:
carnil> description reads as An out-of-bounds read flaw was found in
carnil> the Linux kernel’s TeleTYpe subsystem. The issue occurs in
carnil> how a user triggers a race condition using ioctls TIOCSPTLCK
carnil> and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory
carnil> in the flush_to_ldisc function. This flaw allows a local user
carnil> to crash the system or read unauthorized random data from
carnil> memory.
carnil> Issue introduced by 71a174b39f10 ("pty: do tty_flip_buffer_push
carnil> without port->lock in pty_write") in 5.10-rc1.
Bugs:
upstream:
5.10-upstream-stable:
4.19-upstream-stable:
4.9-upstream-stable:
sid:
5.10-bullseye-security:
4.19-buster-security:
4.9-stretch-security: