Medium severity5.9NVD Advisory· Published Jun 24, 2021· Updated Jun 17, 2026
CVE-2020-28097
CVE-2020-28097
Description
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
67- Linux/Linux kerneldescription
- osv-coords65 versionspkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-preempt&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_28&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 5.3.18-150300.59.49.1+ 64 more
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.38.40.4
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1.150300.18.31.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.38.40.4
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.38.40.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.38.40.4
- (no CPE)range: < 4.12.14-16.88.1
- (no CPE)range: < 4.12.14-16.88.1
- (no CPE)range: < 5.3.18-150300.59.49.1.150300.18.31.1
- (no CPE)range: < 5.3.18-150300.59.49.1.150300.18.31.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-122.110.2
- (no CPE)range: < 1-150300.7.3.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-10.78.1
- (no CPE)range: < 5.3.18-150300.76.1
- (no CPE)range: < 5.3.18-150300.76.1
- (no CPE)range: < 4.12.14-10.78.1
- (no CPE)range: < 5.3.18-150300.76.1
- (no CPE)range: < 5.3.18-150300.38.40.4
- (no CPE)range: < 4.12.14-16.88.1
- (no CPE)range: < 4.12.14-16.88.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 4.12.14-10.78.1
- (no CPE)range: < 5.3.18-150300.76.1
- (no CPE)range: < 5.3.18-150300.38.40.1
- (no CPE)range: < 4.12.14-16.88.1
- (no CPE)range: < 4.12.14-16.88.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 4.12.14-122.110.1
- (no CPE)range: < 4.12.14-10.78.1
- (no CPE)range: < 5.3.18-150300.76.1
- (no CPE)range: < 5.3.18-150300.59.49.1
- (no CPE)range: < 1-8.3.2
Patches
Vulnerability mechanics
References
5- cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.10nvdPatchVendor Advisory
- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdPatchVendor Advisory
- github.com/torvalds/linux/commit/973c096f6a85e5b5f2a295126ba6928d9a6afd45nvdPatchThird Party Advisory
- seclists.org/oss-sec/2020/q3/176nvdExploitMailing ListPatchThird Party Advisory
- security.netapp.com/advisory/ntap-20210805-0001/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.