In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system.
History

Fri, 08 Nov 2024 16:15:00 +0000


Fri, 01 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses CWE-909
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Wed, 30 Oct 2024 02:00:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Tue, 29 Oct 2024 01:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system.
Title vt: prevent kernel-infoleak in con_font_get()
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-10-29T00:50:18.349Z

Updated: 2024-12-19T09:32:32.582Z

Reserved: 2024-10-21T19:36:19.940Z

Link: CVE-2024-50076

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-10-29T01:15:04.697

Modified: 2024-11-08T16:15:45.873

Link: CVE-2024-50076

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-10-29T00:00:00Z

Links: CVE-2024-50076 - Bugzilla