Synthesis of the vulnerability
An attacker can force a read at an invalid address via fbcon_copy_font() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.Vulnerable systems: Debian, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.Severity of this threat: 2/4.Creation date: 09/11/2020.Références of this weakness: CERTFR-2020-AVI-776, CERTFR-2020-AVI-794, CERTFR-2020-AVI-811, CERTFR-2020-AVI-834, CERTFR-2020-AVI-837, CERTFR-2021-AVI-006, CVE-2020-28974, DLA-2483-1, DLA-2494-1, openSUSE-SU-2020:2161-1, openSUSE-SU-2020:2193-1, openSUSE-SU-2020:2260-1, SUSE-SU-2020:3522-1, SUSE-SU-2020:3713-1, SUSE-SU-2020:3714-1, SUSE-SU-2020:3715-1, SUSE-SU-2020:3717-1, SUSE-SU-2020:3718-1, SUSE-SU-2020:3748-1, SUSE-SU-2020:3766-1, SUSE-SU-2020:3798-1, USN-4679-1, USN-4680-1, USN-4681-1, USN-4683-1, VIGILANCE-VUL-33854.
Description of the vulnerability
An attacker can force a read at an invalid address via fbcon_copy_font() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.Full bulletin, software filtering, emails, fixes, ... (Request your free trial)
This secu ..
Support the originator by clicking the read the rest link below.