Updated:
Description:
In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip image height to screen boundary. Break from the rendering loop if the X position is off-screen. When clipping image width to fit the screen, update the character count to match the clipped width to prevent buffer size mismatches. Without the character count update, bit_putcs_aligned and bit_putcs_unaligned receive mismatched parameters where the buffer is allocated for the clipped width but cnt reflects the original larger count, causing out-of-bounds writes.
CVSS3: 7.3
| OS | Vendor version | Errata |
|---|---|---|
| Debian 11 | 5.10.247-1 | DLA-4404-1 |
| Debian 11 cloud | 5.10.247-1 | DLA-4404-1 |
| Amazon Linux 2023 | 6.1.159-181.297.amzn2023 | ALAS2023-2025-1350 |
| OS | Original kernel version | State |
|---|---|---|
| Debian 11 | |
Planned |
| Debian 11 cloud | |
Planned |
| Debian 12 | |
Planned |
| Amazon Linux 2023 | |
Planned |