1778860 – (CVE-2019-19252) CVE-2019-19252 kernel: vcs_write in drivers/tty/vt/vc_screen.c does not prevent write access to vcsu devices

Bug 1778860 (CVE-2019-19252) - CVE-2019-19252 kernel: vcs_write in drivers/tty/vt/vc_screen.c does not prevent write access to vcsu devices

Summary: CVE-2019-19252 kernel: vcs_write in drivers/tty/vt/vc_screen.c does not preve...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2019-19252
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1778861
Blocks:	1778862
TreeView+	depends on / blocked

Reported:	2019-12-02 16:49 UTC by Guilherme de Almeida Suckevicz
Modified:	2021-02-16 20:56 UTC (History)
CC List:	48 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the Linux kernel’s virtual console implementation of Unicode usage. This flaw allows a local attacker with permissions on the /dev/vcsu* devices to crash the system or corrupt memory.
Clone Of:
Environment:
Last Closed:	2020-03-23 04:31:50 UTC
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2019-12-02 16:49:21 UTC

A flaw was found in the Linux kernels virtual console system which attempted to implement Unicode support.  The read and write support for Unicode on virtual consoles were implemented with different commits and attempting to write to a virtual console which did not implement Unicode characters could allow for memory corruption and possibly other issues.


Reference and upstream commit:
https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=0c9acb1af77a3cb8707e43f45b72c95266903cee

Comment 1 Guilherme de Almeida Suckevicz 2019-12-02 16:51:34 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1778861]

Comment 3 Wade Mealing 2020-03-19 05:42:25 UTC

This flaw is rated as moderate, the attacker requires a local account with permissions to write to the correct device and this could possibly be used to trick the user into doing an action...

Comment 5 Justin M. Forbes 2020-03-19 22:05:21 UTC

This issue was fixed with the 5.3.16 stable kernel updates.

Comment 6 Wade Mealing 2020-03-23 01:50:29 UTC

Mitigation:

At this time there is no workaround that is suitable for a production system that would completely mitigate this flaw.

Comment 9 Product Security DevOps Team 2020-03-23 04:31:50 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-19252

Note You need to log in before you can comment on or make changes to this bug.

acaringi
airlied
bdettelb
bhu
blc
brdeoliv
bskeggs
dhoward
dvlasenk
esammons
fhrbata
hdegoede
hkrzesin
iboverma
ichavero
itamar
jarodwilson
jeremy
jforbes
jglisse
jlelli
john.j5live
jonathan
josef
jross
jschorr
jshortt
jstancek
jwboyer
kernel-maint
kernel-mgr
labbott
lgoncalv
linville
masami256
matt
mchehab
mcressma
mjg59
mlangsdo
nmurray
plougher
qzhao
rt-maint
rvrbovsk
steved
williams
wmealing