author Moritz Muehlenhoff <jmm@debian.org> 2022-12-14 14:02:17 +0100
committer Moritz Muehlenhoff <jmm@debian.org> 2022-12-14 14:02:17 +0100
commit 97db91052b394c5a69910974e0cc3c94cebc1a34
tree c89efbdd583292efdd42701ba4574c036c79391e /retired/CVE-2021-33655
parent 2001746fa4385902f4da27dd2186a6b0a4d7769d
retire some issues
Diffstat (limited to 'retired/CVE-2021-33655')
-rw-r--r-- retired/CVE-2021-33655 14
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2021-33655 b/retired/CVE-2021-33655
new file mode 100644
index 00000000..f151faf5
--- /dev/null
+++ b/retired/CVE-2021-33655
@@ -0,0 +1,14 @@
+Description: When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
+References:
+ https://www.openwall.com/lists/oss-security/2022/07/19/2
+Notes:
+ bwh> One commit is marked for backport to stable branches 4.14+, so I
+ bwh> assume all branches are somewhat affected.
+ bwh> Released in 5.18.11.
+Bugs:
+upstream: released (5.19-rc7) [65a01e601dbba8b7a51a2677811f70f783766682, e64242caef18b4a5840b0e7a9bff37abd4f4f933, 6c11df58fd1ac0aefcb3b227f72769272b939e56]
+5.10-upstream-stable: released (5.10.130) [b727561ddc9360de9631af2d970d8ffed676a750, cecb806c766c78e1be62b6b7b1483ef59bbaeabe, b81212828ad19ab3eccf00626cd04099215060bf]
+4.19-upstream-stable: released (4.19.252) [eae522ed28fe1c00375a8a0081a97dce7996e4d8]
+sid: released (5.18.14-1)
+5.10-bullseye-security: released (5.10.127-2) [bugfix/all/fbmem-check-virtual-screen-sizes-in-fb_set_var.patch, bugfix/all/fbcon-disallow-setting-font-bigger-than-screen-size.patch, bugfix/all/fbcon-prevent-that-screen-size-is-smaller-than-font-.patch]
+4.19-buster-security: released (4.19.260-1)
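Review bot: The 4.19-upstream-stable line records a single commit while the upstream and 5.10-upstream-stable lines each record three, and nothing in the file says which of the three upstream commits it corresponds to or why the other two are not needed on 4.19. The bwh note ("One commit is marked for backport to stable branches 4.14+") may be the explanation, but it does not name the commit; a short added note line stating the mapping would keep the 4.19 status from reading as incomplete. Smaller points in the same hunk: the Description line has "malicous" for "malicious" and no space after the comma in "FBIOPUT_VSCREENINFO,kernel", the Bugs: field is left empty, and the sid and 4.19-buster-security lines carry no commit or patch list, unlike the 5.10-bullseye-security line.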
