Bug 1999589 (CVE-2021-3753) - CVE-2021-3753 kernel: a race out-of-bound read in vt
Summary: CVE-2021-3753 kernel: a race out-of-bound read in vt
Keywords:
Status: NEW
Alias: CVE-2021-3753
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2003819 2003820 2003821
Blocks: 1999592 1999595
TreeView+ depends on / blocked
 
Reported: 2021-08-31 11:42 UTC by Marian Rehak
Modified: 2024-05-22 09:48 UTC (History)
36 users (show)

Fixed In Version: Linux kernel 5.15-rc1
Doc Type: If docs needed, set a value
Doc Text:
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:2950 0 None None None 2024-05-22 09:12:15 UTC
Red Hat Product Errata RHSA-2024:3138 0 None None None 2024-05-22 09:48:51 UTC

Description Marian Rehak 2021-08-31 11:42:20 UTC
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.

References:
https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7
https://www.openwall.com/lists/oss-security/2021/09/01/4

Comment 15 errata-xmlrpc 2024-05-22 09:12:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:2950

Comment 16 errata-xmlrpc 2024-05-22 09:48:48 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:3138 https://access.redhat.com/errata/RHSA-2024:3138


Note You need to log in before you can comment on or make changes to this bug.