Bug 2221463 (CVE-2023-3567) - CVE-2023-3567 kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
Summary: CVE-2023-3567 kernel: use after free in vcs_read in drivers/tty/vt/vc_screen....
Keywords:
Status: NEW
Alias: CVE-2023-3567
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2221465 2221466 2221467 2221468
Blocks: 2186438
TreeView+ depends on / blocked
 
Reported: 2023-07-09 09:15 UTC by Rohit Keshri
Modified: 2024-05-22 09:50 UTC (History)
46 users (show)

Fixed In Version: kernel 6.2-rc7
Doc Type: If docs needed, set a value
Doc Text:
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2024:0688 0 None None None 2024-02-05 17:04:23 UTC
Red Hat Product Errata RHBA-2024:2634 0 None None None 2024-05-01 01:21:55 UTC
Red Hat Product Errata RHBA-2024:2650 0 None None None 2024-05-02 00:14:44 UTC
Red Hat Product Errata RHBA-2024:2686 0 None None None 2024-05-02 22:49:50 UTC
Red Hat Product Errata RHSA-2024:0412 0 None None None 2024-01-24 16:44:11 UTC
Red Hat Product Errata RHSA-2024:0431 0 None None None 2024-01-24 15:24:39 UTC
Red Hat Product Errata RHSA-2024:0432 0 None None None 2024-01-24 15:25:21 UTC
Red Hat Product Errata RHSA-2024:0439 0 None None None 2024-01-24 16:35:57 UTC
Red Hat Product Errata RHSA-2024:0448 0 None None None 2024-01-24 16:37:50 UTC
Red Hat Product Errata RHSA-2024:0575 0 None None None 2024-01-30 13:21:49 UTC
Red Hat Product Errata RHSA-2024:2394 0 None None None 2024-04-30 10:10:37 UTC
Red Hat Product Errata RHSA-2024:2950 0 None None None 2024-05-22 09:13:12 UTC
Red Hat Product Errata RHSA-2024:3138 0 None None None 2024-05-22 09:50:53 UTC

Description Rohit Keshri 2023-07-09 09:15:20 UTC
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. In this flaw an attacker with local user access may ead to a system crash or a leak of internal kernel information.

Reference:
https://www.spinics.net/lists/stable-commits/msg285184.html

Comment 10 errata-xmlrpc 2024-01-24 15:24:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:0431 https://access.redhat.com/errata/RHSA-2024:0431

Comment 11 errata-xmlrpc 2024-01-24 15:25:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:0432 https://access.redhat.com/errata/RHSA-2024:0432

Comment 12 errata-xmlrpc 2024-01-24 16:35:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:0439 https://access.redhat.com/errata/RHSA-2024:0439

Comment 13 errata-xmlrpc 2024-01-24 16:37:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:0448 https://access.redhat.com/errata/RHSA-2024:0448

Comment 14 errata-xmlrpc 2024-01-24 16:44:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0412

Comment 15 errata-xmlrpc 2024-01-30 13:21:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:0575 https://access.redhat.com/errata/RHSA-2024:0575

Comment 17 errata-xmlrpc 2024-04-30 10:10:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2394

Comment 18 errata-xmlrpc 2024-05-22 09:13:07 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:2950

Comment 19 errata-xmlrpc 2024-05-22 09:50:48 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:3138 https://access.redhat.com/errata/RHSA-2024:3138


Note You need to log in before you can comment on or make changes to this bug.