{"id":"CVE-2020-28974","details":"A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.","modified":"2026-04-16T00:02:42.540284868Z","published":"2020-11-20T18:15:12.120Z","related":["ALSA-2021:1578","SUSE-SU-2020:3522-1","SUSE-SU-2020:3713-1","SUSE-SU-2020:3714-1","SUSE-SU-2020:3715-1","SUSE-SU-2020:3717-1","SUSE-SU-2020:3718-1","SUSE-SU-2020:3748-1","SUSE-SU-2020:3766-1","SUSE-SU-2020:3798-1","SUSE-SU-2021:0434-1","SUSE-SU-2021:0437-1","SUSE-SU-2021:0438-1","SUSE-SU-2021:0452-1","SUSE-SU-2021:14630-1","openSUSE-SU-2020:2161-1","openSUSE-SU-2020:2193-1","openSUSE-SU-2020:2260-1","openSUSE-SU-2021:0242-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210108-0003/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2020/11/25/1"},{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.7"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4e0dff2095c579b142d5a0693257f1c58b4804"},{"type":"EVIDENCE","url":"https://seclists.org/oss-sec/2020/q4/104"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9.7"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28974.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H"}]}