CVE-2022-48627

Updated: 2024-06-05 06:46:57.379121

Description:

In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken, because the memcpy utilizes the hardware acceleration, whose result is not deterministic. Fix this problem by using replacing the scr_memcpyw with scr_memmovew.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 4.4

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 4.4 MEDIUM Released CLSA-2024:1722533082 2024-08-01 14:33:59
AlmaLinux 9.2 FIPS kernel 5.14.0 4.4 MEDIUM Released CLSA-2024:1722530110 2024-08-01 14:34:00
CentOS 6 ELS kernel 2.6.32 4.4 MEDIUM Ignored 2024-06-24 10:10:41
CentOS 7 ELS kernel 3.10.0 4.4 MEDIUM Ignored 2024-06-24 11:20:40
CentOS 8.4 ELS kernel 4.18.0 4.4 MEDIUM Ignored 2024-06-24 11:20:40
CentOS 8.5 ELS kernel 4.18.0 4.4 MEDIUM Ignored 2024-06-24 11:20:40
CentOS Stream 8 ELS kernel 4.18.0 4.4 MEDIUM Already Fixed 2024-06-09 14:19:09
CloudLinux 6 ELS kernel 2.6.32 4.4 MEDIUM Ignored 2024-06-24 10:10:41
Oracle Linux 6 ELS kernel 2.6.32 4.4 MEDIUM Ignored 2024-06-24 10:10:40
Ubuntu 16.04 ELS linux 4.4.0 4.4 MEDIUM Released CLSA-2024:1722535085 2024-08-01 14:30:30
Total: 12