Kubva pane zvinyorwa zvinyorwa zvekushandisa zvinopihwa sechikamu cheLinux kernel , izvo zvinopa kugona kutenderedza mavara kumashure (CONFIG_VGACON_SOFT_SCROLLBACK). Iko code yakabviswa nekuda kwekuvapo kwezvikanganiso, izvo pakanga pasina munhu wekugadzirisa nekuda kwekushayikwa kwemuchengeti anotarisira kugadzirwa kwevgacon.
Muzhizha pavgacon zvakaratidzwa uye vulnerability (CVE-2020-14331) iyo inogona kutungamira kune buffer kufashukira nekuda kwekushaikwa kwekutarisa kwakaringana kwekuwanikwa kwendangariro inowanikwa mumupumburu buffer. Kusagadzikana kwakakwezva kutarisisa kwevagadziri vakaronga fuzz kuyedzwa kwevgacon kodhi mukati .
Kuwedzera cheki kwakaratidza akati wandei mamwe matambudziko akafanana muvgacon kodhi, pamwe nematambudziko mukuita kwesoftware kupuruzira mutyairi wefbcon. Nehurombo, iyo ine dambudziko kodhi yakagara isina kuchengetedzwa, zvichida nekuda kwekuti vagadziri vakachinjika kushandisa graphical consoles uye zvinyorwa zvemavara zvakadonha kusashanda (vanhu vanoramba vachishandisa vgacon uye fbcon consoles, asi vanga vasiri ivo main kernel interface kwemakumi emakore. uye maficha akadai sekupuruzira akavakirwa mumutyairi (Shift+PageUp/PageDown) anogona kunge ari mudiki kudiwa).
Panyaya iyi, Linus Torvalds akasarudza kusaedza kuchengetedza kodhi isina kutaurwa, asi ingoibvisa. Kana paine vashandisi vanoda basa iri, iyo kodhi yekutsigira kupuruzira mukoni inodzoserwa kune kernel nekukurumidza kana muchengeti awanikwa akagadzirira kutora gadziriso yayo.
Source: opennet.ru