CVE-2024-50048: 
Linux Kernel vulnerability analysis and mitigation

A NULL pointer dereference vulnerability was discovered in the Linux kernel's fbcon (framebuffer console) subsystem, identified as CVE-2024-50048. The vulnerability was found by syzbot in the fbcon_putcs function. The issue affects Linux kernel versions up to 6.1.113, versions 6.2 through 6.6.57, and versions 6.7 through 6.11.4 (NVD).

The vulnerability occurs when calling ioctl(fd, FBIOPUTCON2FBMAP, &con2fb) after a previous ioctl(fd1, TIOCLINUX, &param) call. This sequence triggers an execution path through setcon2fbmap -> con2fbinitdisplay -> fbconsetdisp -> redrawscreen -> hidecursor -> clearselection -> highlight -> invertscreen -> doupdateregion -> fbconputcs -> ops->putcs, where ops->putcs is a NULL pointer. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Kernel Patch).

When exploited, this vulnerability leads to a kernel panic due to the NULL pointer dereference, resulting in a denial of service condition. The impact is limited to local attacks and requires low privileges to execute (NVD).

The vulnerability has been fixed by adding a call to setblittingtype() within setcon2fbmap() to properly initialize ops->putcs. The fix has been incorporated into various Linux kernel versions through security updates. Users should update their kernel to versions 6.1.113 or later, 6.6.57 or later, or 6.11.4 or later (NVD).