A flaw was found in the Linux kernels virtual console system which attempted to implement Unicode support. The read and write support for Unicode on virtual consoles were implemented with different commits and attempting to write to a virtual console which did not implement Unicode characters could allow for memory corruption and possibly other issues. Reference and upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=0c9acb1af77a3cb8707e43f45b72c95266903cee
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1778861]
This flaw is rated as moderate, the attacker requires a local account with permissions to write to the correct device and this could possibly be used to trick the user into doing an action...
This issue was fixed with the 5.3.16 stable kernel updates.
Mitigation: At this time there is no workaround that is suitable for a production system that would completely mitigate this flaw.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-19252