CVE-2024-50076

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*

History

08 Nov 2024, 16:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/1e5a17dc77d8a8bbe67040b32e2ef755901aba44 -
  • () https://git.kernel.org/stable/c/23c4cb8a56978e5b1baa171d42e616e316c2039d -
  • () https://git.kernel.org/stable/c/b3959d5eca136e0588f9af3867b34032160cb826 -
  • () https://git.kernel.org/stable/c/dc794e878e6d79f75205be456b1042a289c5759d -
  • () https://git.kernel.org/stable/c/efc67cee700b89ffbdb74a0603a083ec1290ae31 -

01 Nov 2024, 15:57

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
First Time Linux
Linux linux Kernel
References () https://git.kernel.org/stable/c/adb1f312f38f0d2c928ceaff089262798cc260b4 - () https://git.kernel.org/stable/c/adb1f312f38f0d2c928ceaff089262798cc260b4 - Patch
References () https://git.kernel.org/stable/c/dc2d5f02636c7587bdd6d1f60fc59c55860b00a4 - () https://git.kernel.org/stable/c/dc2d5f02636c7587bdd6d1f60fc59c55860b00a4 - Patch
References () https://git.kernel.org/stable/c/f956052e00de211b5c9ebaa1958366c23f82ee9e - () https://git.kernel.org/stable/c/f956052e00de211b5c9ebaa1958366c23f82ee9e - Patch
CPE cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
CWE CWE-909

29 Oct 2024, 14:34

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vt: prevent kernel-infoleak en con_font_get() font.data puede no inicializar todos los espacios de memoria dependiendo de la implementación de vc->vc_sw->con_font_get. Esto puede causar una fuga de información, por lo que para evitarlo, es más seguro modificarlo para inicializar el espacio de memoria asignado a 0 y, por lo general, no afecta el rendimiento general del sistema.

29 Oct 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-29 01:15

Updated : 2024-11-08 16:15


NVD link : CVE-2024-50076

Mitre link : CVE-2024-50076

CVE.ORG link : CVE-2024-50076


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-909

Missing Initialization of Resource