CVE-2022-49948

When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new screen size and thus trigger out-of-bounds accesses to graphics memory if the selection is removed in vcdoresize().

Prevent such out-of-memory accesses by dropping the selection before the various confontset() console handlers are called.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49948.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

009e39ae44f4191188aeb6dfbf661b771dbbe515

Fixed

c555cf04684fde39b5b0dd9fd80730030ee10c4a

Fixed

e9ba4611ddf676194385506222cce7b0844e708e

Fixed

f74b4a41c5d7c9522469917e3072e55d435efd9e

Fixed

1cf1930369c9dc428d827b60260c53271bff3285

Fixed

989201bb8c00b222235aff04e6200230d29dc7bb

Fixed

2535431ae967ad17585513649625fea7db28d4db

Fixed

c904fe03c4bd1f356a58797d39e2a5d0ca15cefc

Fixed

566f9c9f89337792070b5a6062dff448b3e7977f

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e60f8fcce05042e8f8cea25ee81fecc1222114cf

Last affected

5812a9bc9d68a82c2cc839f88e6f7a05093ab39d

Last affected

863ad19fd654c485e3beec3575c4d74a1e74369e

Last affected

dbc3fd44f957a39407e889287bf61fa0ef3ecc14

Last affected

0b2a0a58ad22f9d6dfc641bc5ec46057493f22a5

Last affected

9f2d48f0745f921040df91bfe8fa7f0339cd7497

Last affected

3425e397fb23cc2e8e6fb8f5b8226dcb447e84dd

Last affected

eeae0a12a16650ff494d5faefa371cd9e7079575

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49948.json"