公告ID: KYLIN-2020-14331
安全等级: 中等
产品: Kylin V3
发布日期: 2020年7月28日
CVE: CVE-2020-14331
CVSS3评分: 6.6
概述:
This flaw is rated as a having Moderate impact, because only local user with access to VGA console can trigger it (for example if booting with param "nomodeset"). 描述:
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.4.x
KYLIN 3.4.x
受影响包列表:
kernel
kernel
kernel
kernel-alt
kernel-rt
kernel
kernel-rt