CVE-2023-38409

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-38409

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38409.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-38409

Downstream

DEBIAN-CVE-2023-38409

RHSA-2023:7539

RHSA-2024:0412

RHSA-2024:0439

RHSA-2024:0448

RHSA-2024:0461

RHSA-2024:0562

RHSA-2024:0563

RHSA-2024:1249

RHSA-2024:1250

RHSA-2024:1268

RHSA-2024:1269

RHSA-2024:1306

RHSA-2024:1332

RHSA-2024:2950

RHSA-2024:3138

SUSE-SU-2023:3302-1

SUSE-SU-2023:3311-1

SUSE-SU-2023:3376-1

UBUNTU-CVE-2023-38409

Related

Published

2023-07-17T22:15:09Z

Modified

2025-08-09T19:01:26Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted (the con2fbmap points at the old fb_info).

References

Affected packages