oss-sec mailing list archives
Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
From: Marcus Meissner <meissner () suse de>
Date: Tue, 8 Dec 2020 08:38:01 +0100
Hi, CVE-2020-27830 was assigned on linux-distros by Redhat. (It might be good to keep discussions on oss-security after publication to avoid parallel threads.) Ciao, Marcus On Mon, Dec 07, 2020 at 07:02:02PM +0800, - Nop wrote:
Hi, yes, we asked for a CVE in the original email sent to linux-distros () vs openwall org. Thanks, Bodong Zhao On Mon, Dec 7, 2020 at 6:23 PM John Haxby <john.haxby () oracle com> wrote:On 7 Dec 2020, at 02:20, Shisong Qin <qinshisong1205 () gmail com> wrote: Recently we found another NULL-ptr deref BUG in spk_ttyio.c in the latest Linux kernel(5.9.11 is the latest at that now). In the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.Did you ask for a CVE for bug? jch
Current thread:
- Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 Shisong Qin (Dec 06)
- Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 John Haxby (Dec 07)
- Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 - Nop (Dec 07)
- Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 Marcus Meissner (Dec 07)
- Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 - Nop (Dec 08)
- Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 - Nop (Dec 07)
- Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 John Haxby (Dec 07)