Out-of-bounds read in Linux kernel tty vt driver
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-28974 |
| CWE-ID | CWE-125 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Out-of-bounds read
EUVDB-ID: #VU90369
Risk: Medium
CVSSv4.0: 1.8 [CVSS:4.0/AV:P/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-28974
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to read and manipulate data.
The vulnerability exists due to an out-of-bounds read error within the con_font_default() and con_font_op() functions in drivers/tty/vt/vt.c. A local privileged user can read and manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 5.9 rc1 - 5.9.6
CPE2.3 External linkshttps://www.openwall.com/lists/oss-security/2020/11/25/1
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.7
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4e0dff2095c579b142d5a0693257f1c58b4804
https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
https://seclists.org/oss-sec/2020/q4/104
https://security.netapp.com/advisory/ntap-20210108-0003/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
