← Volver a CVEs

CVE-2023-38409

MEDIUM

5.5

Descripcion

An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info).

Detalles CVE

Puntuacion CVSS v3.15.5

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado7/17/2023

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

linux:linux_kernel

Debilidades (CWE)

CWE-362

Referencias

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.12(cve@mitre.org)

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d(cve@mitre.org)

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.12(af854a3a-2127-422b-91ae-364da2661108)

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.