Bug 1999589 (CVE-2021-3753) - CVE-2021-3753 kernel: a race out-of-bound read in vt
Summary: CVE-2021-3753 kernel: a race out-of-bound read in vt
Keywords:
Status: NEW
Alias: CVE-2021-3753
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2003819 2003820 2003821
Blocks: 1999592 1999595
TreeView+ depends on / blocked
 
Reported: 2021-08-31 11:42 UTC by Marian Rehak
Modified: 2023-09-19 14:13 UTC (History)
36 users (show)

Fixed In Version: Linux kernel 5.15-rc1
Doc Type: If docs needed, set a value
Doc Text:
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Marian Rehak 2021-08-31 11:42:20 UTC
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.

References:
https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7
https://www.openwall.com/lists/oss-security/2021/09/01/4


Note You need to log in before you can comment on or make changes to this bug.