{"id":"CVE-2021-47383","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn't call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.","modified":"2026-03-15T22:43:12.457744Z","published":"2024-05-21T15:15:23.873Z","related":["ALSA-2024:7000","ALSA-2024:7001","ALSA-2024:8617","SUSE-SU-2024:1978-1","SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2341-1","SUSE-SU-2024:2342-1","SUSE-SU-2024:2343-1","SUSE-SU-2024:2344-1","SUSE-SU-2024:2351-1","SUSE-SU-2024:2357-1","SUSE-SU-2024:2368-1","SUSE-SU-2024:2369-1","SUSE-SU-2024:2373-1","SUSE-SU-2024:2396-1","SUSE-SU-2024:2549-1","SUSE-SU-2024:2558-1","SUSE-SU-2024:2559-1","SUSE-SU-2024:2740-1","SUSE-SU-2024:2755-1","SUSE-SU-2024:2758-1","SUSE-SU-2024:2759-1","SUSE-SU-2024:2773-1","SUSE-SU-2024:2792-1","SUSE-SU-2024:2821-1","SUSE-SU-2024:2822-1","SUSE-SU-2024:3015-1","SUSE-SU-2024:3034-1","SUSE-SU-2024:3037-1","SUSE-SU-2024:3039-1","SUSE-SU-2024:3043-1","SUSE-SU-2024:3044-1","SUSE-SU-2024:3048-1","SUSE-SU-2024:3642-1","SUSE-SU-2024:3649-1","SUSE-SU-2024:3651-1","SUSE-SU-2024:3652-1","SUSE-SU-2024:3662-1","SUSE-SU-2024:3663-1","SUSE-SU-2024:3685-1","SUSE-SU-2024:3796-1","SUSE-SU-2024:3798-1","SUSE-SU-2024:3803-1","SUSE-SU-2024:3814-1","SUSE-SU-2024:3820-1","SUSE-SU-2024:3821-1","SUSE-SU-2024:3849-1","SUSE-SU-2024:3854-1","SUSE-SU-2024:4180-1","SUSE-SU-2024:4226-1","SUSE-SU-2024:4242-1","SUSE-SU-2024:4249-1","SUSE-SU-2024:4250-1","SUSE-SU-2024:4256-1","SUSE-SU-2024:4263-1","SUSE-SU-2024:4264-1","SUSE-SU-2025:0091-1","SUSE-SU-2025:0101-1","SUSE-SU-2025:0103-1","SUSE-SU-2025:0106-1","SUSE-SU-2025:0137-1","SUSE-SU-2025:0238-1","SUSE-SU-2025:0240-1","SUSE-SU-2025:0244-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/70aed03b1d5a5df974f456cdc8eedb213c94bb8b"},{"type":"FIX","url":"https://git.kernel.org/stable/c/7e71fcedfda6f7de18f850a6b36e78d78b04476f"},{"type":"FIX","url":"https://git.kernel.org/stable/c/883f7897a25e3ce14a7f274ca4c73f49ac84002a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/8a6a240f52e14356386030d8958ae8b1761d2325"},{"type":"FIX","url":"https://git.kernel.org/stable/c/d570c48dd37dbe8fc6875d4461d01a9554ae2560"},{"type":"FIX","url":"https://git.kernel.org/stable/c/067c694d06040db6f0c65281bb358452ca6d85b9"},{"type":"FIX","url":"https://git.kernel.org/stable/c/3b0c406124719b625b1aba431659f5cdc24a982c"},{"type":"FIX","url":"https://git.kernel.org/stable/c/699d926585daa6ec44be556cdc1ab89e5d54557b"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.4.286"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.285"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.249"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.209"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.151"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.71"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.14.10"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47383.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}