CVE-2024-50076

MEDIUM

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system.

References (8)

[Patch] https://git.kernel.org/stable/c/1e5a17dc77d8a8bbe67040b32e2ef755901aba44

[Patch] https://git.kernel.org/stable/c/23c4cb8a56978e5b1baa171d42e616e316c2039d

[Patch] https://git.kernel.org/stable/c/b3959d5eca136e0588f9af3867b34032160cb826

[Patch] https://git.kernel.org/stable/c/dc794e878e6d79f75205be456b1042a289c5759d

[Patch] https://git.kernel.org/stable/c/efc67cee700b89ffbdb74a0603a083ec1290ae31

[Patch] https://git.kernel.org/stable/c/adb1f312f38f0d2c928ceaff089262798cc260b4

[Patch] https://git.kernel.org/stable/c/dc2d5f02636c7587bdd6d1f60fc59c55860b00a4

[Patch] https://git.kernel.org/stable/c/f956052e00de211b5c9ebaa1958366c23f82ee9e

Scores

CVSS v3 6.5

EPSS 0.0007

EPSS Percentile 21.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-909

Status published

Products (9)

linux/Kernel 2.6.12 - 4.19.323linux

linux/Kernel 4.20.0 - 5.4.285linux

linux/Kernel 5.11.0 - 5.15.171linux

linux/Kernel 5.16.0 - 6.1.116linux

linux/Kernel 5.5.0 - 5.10.229linux

linux/Kernel 6.2.0 - 6.6.58linux

linux/Kernel 6.7.0 - 6.11.5linux

linux/linux_kernel 6.12 rc1 (3 CPE variants)

linux/linux_kernel 6.3 - 6.6.58

Published Oct 29, 2024

Tracked Since Feb 18, 2026