Richard Palethorpe

Researcher fromSUSE
#17082of 53,633
15.6Total CVSS
Vulnerabilities · 3
Medium
3
PT-2024-11849
5.5
2022-12-01
Linux · Linux Kernel · CVE-2022-48984
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.0.8-1-default **Description** A crash in the slcan driver occurs due to a freed work crash. The LTP test pty03 causes this crash, resulting in a kernel NULL pointer dereference. The issue arises when the slcan's tx work is freed while being scheduled, and the work is not flushed under all circumstances. **Recommendations** To resolve the issue, add an additional flush work() to slcan close() to ensure the work is flushed under all circumstances. Consider temporarily disabling the slcan driver until a patch is available. Restrict access to the vulnerable slcan module to minimize the risk of exploitation. Avoid using the `tx work` variable in the affected slcan driver until the issue is resolved.
PT-2020-5268
4.6
2020-04-01
Linux · Linux Kernel · CVE-2020-11494
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 3.16 through 5.6.2 **Description** An issue in the Linux kernel allows attackers to read uninitialized can frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG INIT STACK ALL. This issue is related to the slc bump function in drivers/net/can/slcan.c. The exploitation of this issue may allow an attacker to gain unauthorized access to protected information. **Recommendations** For Linux kernel versions 3.16 through 5.6.2, consider updating to a version that includes the necessary configuration changes to mitigate this issue, such as enabling CONFIG INIT STACK ALL. As a temporary workaround, consider restricting access to the slc bump function in drivers/net/can/slcan.c to minimize the risk of exploitation.
PT-2017-13961
5.5
2017-07-12
Linux · Linux Kernel · CVE-2017-15274
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.11.5 **Description** The issue allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add key or keyctl system call. This occurs because the Linux kernel does not consider the case of a NULL payload in conjunction with a nonzero length value. **Recommendations** For Linux kernel versions prior to 4.11.5, update to version 4.11.5 or later to resolve the issue.