A flaw in the Linux Kernel framebuffer-based console driver found. When sending malicious data to kernel by ioctl FBIOPUT_VSCREENINFO, kernel will write memory out of bounds. To trigger the vulnerability user need to have access to console driver like /dev/fb0.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2109115]
This was fixed for Fedora with the 5.18.11 stable kernel updates.