APPLIED [BIONIC]: [SRU B/F PATCH 0/1] CVE-2021-33656

Luke Nowakowski-Krijger luke.nowakowskikrijger at canonical.com
Mon Aug 8 21:04:12 UTC 2022


Applied to bionic:linux master-next

Thanks,
- Luke

On Tue, Aug 2, 2022 at 9:22 PM Cengiz Can <cengiz.can at canonical.com> wrote:

> [Impact]
> When setting font with malicous data by ioctl cmd PIO_FONT, kernel will
> write memory out of bounds.
>
> [Fix]
> Fix was cherry-picked from closest stable trees.
>
> An additional patch[1] seems to be under discussion (very recently)
> for removing leftover macros at `uapi/linux/kd.h`. Since it doesn't
> directly contribute to the fix, that patch was ignored.
>
> [Test case]
> Compile and boot tested on KVM only.
>
> [Potential regression]
> As discussed in mailing list and explained in the patch body, those
> ioctls seem to be archaic and not used by any known clients.
>
> However I managed to find a complaint[2] from one of the users. It was
> suggested to switch to the newer API instead.
>
> So there's a slight regression potantial, especially from users who
> change fonts of framebuffer console.
>
> [1]
> https://lore.kernel.org/lkml/YuUdWoa7UFHmkNu9@kroah.com/T/#m536ff2bb888b82312895864479bc06ae52aaa8cf
> [2] https://www.spinics.net/lists/kernel/msg3985438.html
>
> Jiri Slaby (1):
>   vt: drop old FONT ioctls
>
>  drivers/tty/vt/vt.c       |  39 +---------
>  drivers/tty/vt/vt_ioctl.c | 149 --------------------------------------
>  include/linux/kd.h        |   8 --
>  3 files changed, 3 insertions(+), 193 deletions(-)
>  delete mode 100644 include/linux/kd.h
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220808/647ff5d3/attachment.html>


More information about the kernel-team mailing list