References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

fbcon: Avoid OOB font access if console rotation fails

Clear the font buffer if the reallocation during console rotation fails
in fbcon_rotate_font(). The putcs implementations for the rotated buffer
will return early in this case. See [1] for an example.

Currently, fbcon_rotate_font() keeps the old buffer, which is too small
for the rotated font. Printing to the rotated console with a high-enough
character code will overflow the font buffer.

v2:
- fix typos in commit message

https://git.kernel.org/stable/c/594973a2e54924d8ba31c9faac669fc1ba6fcb80

https://git.kernel.org/stable/c/7105d9f1387d63b15c9a860674fc92c959181f2f

https://git.kernel.org/stable/c/ab6c34b9829d5de03f1d08a47a2253729a6e7e27

https://git.kernel.org/stable/c/b44cc78ff46b96e72d333a3be6aaaa0a14797263

https://git.kernel.org/stable/c/e4ef723d8975a2694cc90733a6b888a5e2841842