A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. Upstream fix: https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2213490]
This was fixed for Fedora with the 6.1.11 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:5603 https://access.redhat.com/errata/RHSA-2023:5603
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:5604 https://access.redhat.com/errata/RHSA-2023:5604
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6583 https://access.redhat.com/errata/RHSA-2023:6583
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:6901 https://access.redhat.com/errata/RHSA-2023:6901
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7077 https://access.redhat.com/errata/RHSA-2023:7077
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0412