CVE-2020-10942
CVSS v3.1
5.3 (Medium)
CVSS v2.0
5.4 (Medium)
EPSS
0.06 % (28th)
Affected Products
4
Advisories
32
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
Weaknesses
- CWE-787
- Out-of-bounds Write
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2020-03-24 22:15:12
(4 years ago) - Updated Date
-
2022-04-22 19:06:12
(2 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...