[PATCH 0/1] [SRU f/linux-oem-5.6] CVE-2020-27830
Tim Gardner
tim.gardner at canonical.com
Fri Mar 5 20:58:16 UTC 2021
[Impact]
NULL-ptr deref in the spk_ttyio_receive_buf2() function in spk_ttyio.c
>From the Ubuntu security team:
Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the
Linux kernel did not correctly handle setting line discipline in some situations.
A local attacker could use this to cause a denial of service (system crash).
[Test Case]
None
[Potential regression]
This patch has been released in linux-4.14.y, linux-4.19.y, linux-5.4.y, and linux-5.9.y
More information about the kernel-team
mailing list