U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-35823 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer"). The cure is also the same i.e. replace memcpy() with memmove() due to the overlaping buffers.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/0190d19d7651c08abc187dac3819c61b726e7e3f
https://git.kernel.org/stable/c/0190d19d7651c08abc187dac3819c61b726e7e3f
https://git.kernel.org/stable/c/1581dafaf0d34bc9c428a794a22110d7046d186d
https://git.kernel.org/stable/c/1581dafaf0d34bc9c428a794a22110d7046d186d
https://git.kernel.org/stable/c/1ce408f75ccf1e25b3fddef75cca878b55f2ac90
https://git.kernel.org/stable/c/1ce408f75ccf1e25b3fddef75cca878b55f2ac90
https://git.kernel.org/stable/c/2933b1e4757a0a5c689cf48d80b1a2a85f237ff1
https://git.kernel.org/stable/c/2933b1e4757a0a5c689cf48d80b1a2a85f237ff1
https://git.kernel.org/stable/c/7529cbd8b5f6697b369803fe1533612c039cabda
https://git.kernel.org/stable/c/7529cbd8b5f6697b369803fe1533612c039cabda
https://git.kernel.org/stable/c/994a1e583c0c206c8ca7d03334a65b79f4d8bc51
https://git.kernel.org/stable/c/994a1e583c0c206c8ca7d03334a65b79f4d8bc51
https://git.kernel.org/stable/c/fc7dfe3d123f00e720be80b920da287810a1f37d
https://git.kernel.org/stable/c/fc7dfe3d123f00e720be80b920da287810a1f37d
https://git.kernel.org/stable/c/ff7342090c1e8c5a37015c89822a68b275b46f8a
https://git.kernel.org/stable/c/ff7342090c1e8c5a37015c89822a68b275b46f8a
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Weakness Enumeration

CWE-ID CWE Name Source
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CISA-ADP  

Change History

7 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-35823
NVD Published Date:
05/17/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org