Updated: 2024-05-14 20:04:57.09547
Description:
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | LOW | 1.9 |
CVSS Version 3.x | MEDIUM | 4.7 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | kernel | 5.14.0 | 4.7 | MEDIUM | Ignored | 2023-11-08 04:07:45 | |
AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 4.7 | MEDIUM | Ignored | 2023-11-21 04:12:23 | |
CentOS 6 ELS | kernel | 2.6.32 | 4.7 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:21 | |
CentOS 7 ELS | kernel | 3.10.0 | 4.7 | MEDIUM | Ignored | 2023-09-19 09:30:03 | |
CentOS 8.4 ELS | kernel | 4.18.0 | 4.7 | MEDIUM | Released | CLSA-2022:1651145959 | 2022-04-28 15:58:55 |
CentOS 8.5 ELS | kernel | 4.18.0 | 4.7 | MEDIUM | Released | CLSA-2022:1651146021 | 2022-04-28 15:58:55 |
CloudLinux 6 ELS | kernel | 2.6.32 | 4.7 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:21 | |
Oracle Linux 6 ELS | kernel | 2.6.32 | 4.7 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:21 | |
Ubuntu 16.04 ELS | linux | 4.4.0 | 4.7 | MEDIUM | Released | CLSA-2023:1690395161 | 2023-07-26 17:15:31 |
Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 4.7 | MEDIUM | Already Fixed | 2023-07-17 11:09:16 |