CVE-2021-33656

Summary

CVE	CVE-2021-33656
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-07-18 15:15:00 UTC
Updated	2022-10-29 02:52:00 UTC
Description	When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.

Risk And Classification

Problem Types: CWE-787

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Huawei	Openeuler	20.03	-	All	All
Operating System	Huawei	Openeuler	20.03	sp1	All	All
Operating System	Huawei	Openeuler	20.03	sp3	All	All
Operating System	Linux	Linux Kernel	All	All	All	All

References

Reference	Source	Link	Tags
oss-security - CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(<5.10.127)	MLIST	www.openwall.com
[SECURITY] [DLA 3131-1] linux security update	MLIST	lists.debian.org
Security-cveDetail	MISC	www.openeuler.org
vt-drop-old-font-ioctls.patch « 5.10.127 « releases - kernel/git/stable/stable-queue.git - Linux kernel stable patch queue	MISC	git.kernel.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160076 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9761)
160692 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2951)
180908 Debian Security Update for linux (CVE-2021-33656)
181091 Debian Security Update for linux (DLA 3131-1)
198917 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5589-1)
198919 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5592-1)
198920 Ubuntu Security Notification for Linux kernel Vulnerability (USN-5591-3)
198922 Ubuntu Security Notification for Linux kernel (AWS) Vulnerability (USN-5591-4)
198924 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5595-1)
198925 Ubuntu Security Notification for Linux kernel (Oracle) Vulnerability (USN-5598-1)
198926 Ubuntu Security Notification for Linux kernel (HWE) Vulnerabilities (USN-5600-1)
198928 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5603-1)
198930 Ubuntu Security Notification for Linux kernel (Azure CVM) Vulnerabilities (USN-5605-1)
241504 Red Hat Update for kernel security (RHSA-2023:2951)
241527 Red Hat Update for kernel-rt (RHSA-2023:2736)
377117 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0158)
377766 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2022:0049)
377871 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2023:0001)
390267 Oracle VM Server for x86 Security Update for kernel (OVMSA-2022-0024)
672086 EulerOS Security Update for kernel (EulerOS-SA-2022-2321)
672114 EulerOS Security Update for kernel (EulerOS-SA-2022-2292)
672139 EulerOS Security Update for kernel (EulerOS-SA-2022-2428)
672141 EulerOS Security Update for kernel (EulerOS-SA-2022-2441)
672158 EulerOS Security Update for kernel (EulerOS-SA-2022-2415)
672205 EulerOS Security Update for kernel (EulerOS-SA-2022-2466)
752452 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2719-1)
752453 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2723-1)
752455 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2720-1)
752463 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2809-1)
752464 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2808-1)
752474 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2827-1)
752502 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2875-1)
753156 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2741-1)
753316 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2892-1)
753703 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
753707 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
753727 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
902574 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (10370)
902699 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (10370-1)
941096 AlmaLinux Security Update for kernel (ALSA-2023:2951)
941114 AlmaLinux Security Update for kernel-rt (ALSA-2023:2736)