SB2024062468 - Buffer overflow in Linux kernel tty vt driver
Published: June 24, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024062468
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2024-35823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vc_uniscr_delete() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/fc7dfe3d123f00e720be80b920da287810a1f37d
- https://git.kernel.org/stable/c/ff7342090c1e8c5a37015c89822a68b275b46f8a
- https://git.kernel.org/stable/c/1ce408f75ccf1e25b3fddef75cca878b55f2ac90
- https://git.kernel.org/stable/c/0190d19d7651c08abc187dac3819c61b726e7e3f
- https://git.kernel.org/stable/c/994a1e583c0c206c8ca7d03334a65b79f4d8bc51
- https://git.kernel.org/stable/c/7529cbd8b5f6697b369803fe1533612c039cabda
- https://git.kernel.org/stable/c/2933b1e4757a0a5c689cf48d80b1a2a85f237ff1
- https://git.kernel.org/stable/c/1581dafaf0d34bc9c428a794a22110d7046d186d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.312
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.154
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.274
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.84
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.24
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8