2 matches found
CVE-2020-11494
The CVE-2020-11494 issue affects the Linux kernel slcan (serial line CAN) driver: in slcan.c, CAN headers for received packets may not be fully initialised when receiving data, enabling local attackers to read uninitialised can_frame data from kernel memory (information leak). Root cause is incom...
CVE-2020-11565
CVE-2020-11565: Linux kernel through 5.6.2 contains a stack-based out-of-bounds write in mpol_parse_str (mm/mempolicy.c) when an empty nodelist is encountered during mount option parsing. Affected by a disclosed mitigation note (some security community members dispute it as a vulnerability). Conn...