A flaw was found in the vgacon_scrolldelta of the Linux Kernel which may be utilized to conduct a out-of-bounds reading to leak information. This BUG is caused by "soff" being negative after VT_RESIZE. References: https://www.openwall.com/lists/oss-security/2020/09/16/1 Upstream Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=973c096f6a85e5b5f2a295126ba6928d9a6afd45
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1883877]
This was fixed for Fedora with the 5.8.10 stable updates.
The CVE for this one is CVE-2020-28097
*** Bug 1976208 has been marked as a duplicate of this bug. ***