APPLIED: [PATCH 0/1] [SRU f/linux-oem-5.6] CVE-2020-27830
Tim Gardner
tim.gardner at canonical.com
Fri Mar 19 16:54:49 UTC 2021
Applied to focal/linux-oem-5.6-next. Thanks.
-rtg
On 3/5/21 1:58 PM, Tim Gardner wrote:
> [Impact]
> NULL-ptr deref in the spk_ttyio_receive_buf2() function in spk_ttyio.c
>
> From the Ubuntu security team:
> Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the
> Linux kernel did not correctly handle setting line discipline in some situations.
> A local attacker could use this to cause a denial of service (system crash).
>
> [Test Case]
> None
>
> [Potential regression]
> This patch has been released in linux-4.14.y, linux-4.19.y, linux-5.4.y, and linux-5.9.y
>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list