vulnerability
Oracle Linux: CVE-2024-35823: ELSA-2024-5101: kernel security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 05/17/2024 | 08/16/2024 | 12/06/2024 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
05/17/2024
Added
08/16/2024
Modified
12/06/2024
Description
In the Linux kernel, the following vulnerability has been resolved:
vt: fix unicode buffer corruption when deleting characters
This is the same issue that was fixed for the VGA text buffer in commit
39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the
buffer"). The cure is also the same i.e. replace memcpy() with memmove()
due to the overlaping buffers.
A vulnerability as found in the Linux kernel’s virtual terminal (VT) subsystem, which could lead to unicode buffer corruption when deleting characters. This issue arises from improper handling of unicode data, which can corrupt memory or lead to unintended behavior.
vt: fix unicode buffer corruption when deleting characters
This is the same issue that was fixed for the VGA text buffer in commit
39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the
buffer"). The cure is also the same i.e. replace memcpy() with memmove()
due to the overlaping buffers.
A vulnerability as found in the Linux kernel’s virtual terminal (VT) subsystem, which could lead to unicode buffer corruption when deleting characters. This issue arises from improper handling of unicode data, which can corrupt memory or lead to unintended behavior.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.