Fix: kernel: sending malicous data to kernel by ioctl FBIOPUT_VSCREENINFO may cause out of bounds write memory (!1432) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Wander Lairson Costa requested to merge walac/centos-stream-9:bz2109118-FBIOPUT_VSCREENINFO into main Oct 04, 2022

Bugzilla: https://bugzilla.redhat.com/2109118

CVE: CVE-2021-33655

Signed-off-by: Wander Lairson Costa wander@redhat.com

7bcc17fc (Wander Lairson Costa) fbcon: Use fbcon_info_from_console() in fbcon_modechange_possible()

71b0b7ca (Wander Lairson Costa) fbmem: Check virtual screen sizes in fb_set_var()

f6f3dd13 (Wander Lairson Costa) fbcon: Prevent that screen size is smaller than font size

a8dfd9fb (Wander Lairson Costa) fbcon: Disallow setting font bigger than screen size

7479ca7a (Wander Lairson Costa) video: of_display_timing.h: include errno.h

819f8600 (Wander Lairson Costa) fbdev: fbmem: Fix logo center image dx issue

drivers/video/fbdev/core/fbcon.c | 33 +++++++++++++++++++++++++++++++++ drivers/video/fbdev/core/fbmem.c | 16 ++++++++++++++-- include/linux/fbcon.h | 4 ++++ include/video/of_display_timing.h | 2 ++ 4 files changed, 53 insertions(+), 2 deletions(-)

Admin message

Fix: kernel: sending malicous data to kernel by ioctl FBIOPUT_VSCREENINFO may cause out of bounds write memory

Merge request reports