PT-2020-3501 · Linux+2 · Linux Kernel+2

Published

2020-01-22

Updated

2022-05-03

CVE-2020-14416

CVSS v2.0

4.7

Medium

Vector

AV:L/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.4.16

Description A race condition in the handling of tty->disc data in the slip and slcan line discipline could lead to a use-after-free. This issue affects the drivers/net/slip/slip.c and drivers/net/can/slcan.c files. The exploitation of this issue could allow an attacker to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.4.16, update to version 5.4.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected drivers, drivers/net/slip/slip.c and drivers/net/can/slcan.c, to minimize the risk of exploitation.

Fix

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALT-PU-2020-1122

ALT-PU-2020-1131

ALT-PU-2020-1161

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-03830

CVE-2020-14416

LSN-0069-1

OPENSUSE-SU-2020:0935-1

OPENSUSE-SU-2020:1153-1

OPENSUSE-SU-2020_0935-1

OPENSUSE-SU-2020_1153-1

OPENSUSE-SU-2021:0242-1

OPENSUSE-SU-2021_0242-1

SUSE-SU-2020:14442-1

SUSE-SU-2020:2027-1

SUSE-SU-2020:2103-1

SUSE-SU-2020:2105-1

SUSE-SU-2020:2106-1

SUSE-SU-2020:2107-1

SUSE-SU-2020:2119-1

SUSE-SU-2020:2121-1

SUSE-SU-2020:2122-1

SUSE-SU-2020:2134-1

SUSE-SU-2020:2152-1

SUSE-SU-2020:2156-1

SUSE-SU-2020:2478-1

SUSE-SU-2020:2487-1

Affected Products

Alt Linux

Linux Kernel

Suse

PT-2020-3501 · Linux+2 · Linux Kernel+2

CVE-2020-14416

Weakness Enumeration

Related Identifiers

Affected Products

References · 1121