cve/published/2024/CVE-2024-35823.mbox

From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: <linux-cve-announce@vger.kernel.org>
Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
Subject: CVE-2024-35823: vt: fix unicode buffer corruption when deleting characters

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

vt: fix unicode buffer corruption when deleting characters

This is the same issue that was fixed for the VGA text buffer in commit
39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the
buffer"). The cure is also the same i.e. replace memcpy() with memmove()
due to the overlaping buffers.

The Linux kernel CVE team has assigned CVE-2024-35823 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 4.19.312 with commit fc7dfe3d123f00e720be80b920da287810a1f37d
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 5.4.274 with commit ff7342090c1e8c5a37015c89822a68b275b46f8a
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 5.10.215 with commit 1ce408f75ccf1e25b3fddef75cca878b55f2ac90
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 5.15.154 with commit 0190d19d7651c08abc187dac3819c61b726e7e3f
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 6.1.84 with commit 994a1e583c0c206c8ca7d03334a65b79f4d8bc51
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 6.6.24 with commit 7529cbd8b5f6697b369803fe1533612c039cabda
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 6.7.12 with commit 2933b1e4757a0a5c689cf48d80b1a2a85f237ff1
	Issue introduced in 3.7 with commit 81732c3b2fede049a692e58a7ceabb6d18ffb18c and fixed in 6.8 with commit 1581dafaf0d34bc9c428a794a22110d7046d186d

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-35823
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/tty/vt/vt.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/fc7dfe3d123f00e720be80b920da287810a1f37d
	https://git.kernel.org/stable/c/ff7342090c1e8c5a37015c89822a68b275b46f8a
	https://git.kernel.org/stable/c/1ce408f75ccf1e25b3fddef75cca878b55f2ac90
	https://git.kernel.org/stable/c/0190d19d7651c08abc187dac3819c61b726e7e3f
	https://git.kernel.org/stable/c/994a1e583c0c206c8ca7d03334a65b79f4d8bc51
	https://git.kernel.org/stable/c/7529cbd8b5f6697b369803fe1533612c039cabda
	https://git.kernel.org/stable/c/2933b1e4757a0a5c689cf48d80b1a2a85f237ff1
	https://git.kernel.org/stable/c/1581dafaf0d34bc9c428a794a22110d7046d186d