2 matches found
K17957133: Linux kernel vulnerability CVE-2019-3701
Security Advisory Description An issue was discovered in cancangwrcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the candlc field. Because of a missing check, the CAN drivers may write arbitrary...
CVE-2019-3701
CVE-2019-3701 affects the Linux kernel CAN subsystem (can_can_gw_rcv in net/can/gw.c) up to version 4.19.13. The CAN frame modification rules can apply bitwise logic to can_dlc, enabling a privileged user with CAP_NET_ADMIN to create a can-gw rule that makes the DLC larger than the frame data. Wh...