Back to bug 1849926
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2020-06-23 08:09:37 UTC | Blocks | 1849927 | |
| Rohit Keshri | 2020-06-23 17:58:24 UTC | CC | rkeshri | |
| Rohit Keshri | 2020-06-23 19:42:31 UTC | Doc Text | A use-after-free flaw was found in slcan_write_wakeup in drivers/net/can/slcan.c in serial CAN module slcan. A race condition (when a communicate with can using slcan) between write (Schedule the transmit) and closing (flushing out any pending queues) the SLCAN channel. A local attacker with special user (or root) privilege can cause a denial of service (DoS) . This vulnerability could even lead to a kernel information leak threat. | |
| Wade Mealing | 2020-06-24 00:29:55 UTC | Summary | CVE-2020-14416 kernel: a race condition could lead to a use-after-free | CVE-2020-14416 kernel: slcan : race over tty->disc_data can lead use-after-free. |
| Wade Mealing | 2020-06-24 00:30:19 UTC | Priority | high | medium |
| Severity | high | medium | ||
| Rohit Keshri | 2020-06-24 09:20:56 UTC | Depends On | 1850406, 1850405, 1850404, 1850403, 1850402 | |
| Rohit Keshri | 2020-06-24 09:26:18 UTC | Comment | 0 | updated |
| Petr Matousek | 2020-06-24 09:48:39 UTC | CC | pmatouse | |
| Summary | CVE-2020-14416 kernel: slcan : race over tty->disc_data can lead use-after-free. | CVE-2020-14416 kernel: slcan : race over tty->disc_data can lead use-after-free | ||
| Dave Baker | 2020-07-06 14:59:24 UTC | Doc Text | A use-after-free flaw was found in slcan_write_wakeup in drivers/net/can/slcan.c in serial CAN module slcan. A race condition (when a communicate with can using slcan) between write (Schedule the transmit) and closing (flushing out any pending queues) the SLCAN channel. A local attacker with special user (or root) privilege can cause a denial of service (DoS) . This vulnerability could even lead to a kernel information leak threat. | A use-after-free flaw was found in slcan_write_wakeup in drivers/net/can/slcan.c in serial CAN module slcan. A race condition (when a communicate with can using slcan) between write (Schedule the transmit) and closing (flushing out any pending queues) the SLCAN channel. A local attacker with special user (or root) privilege can cause a denial of service (DoS). This vulnerability could even lead to a kernel information leak threat. |
| RaTasha Tillery-Smith | 2020-08-05 13:40:59 UTC | Doc Text | A use-after-free flaw was found in slcan_write_wakeup in drivers/net/can/slcan.c in serial CAN module slcan. A race condition (when a communicate with can using slcan) between write (Schedule the transmit) and closing (flushing out any pending queues) the SLCAN channel. A local attacker with special user (or root) privilege can cause a denial of service (DoS). This vulnerability could even lead to a kernel information leak threat. | A use-after-free flaw was found in slcan_write_wakeup in drivers/net/can/slcan.c in the serial CAN module slcan. A race condition occurs when communicating with can using slcan between the write (scheduling the transmit) and closing (flushing out any pending queues) the SLCAN channel. This flaw allows a local attacker with special user or root privileges to cause a denial of service or a kernel information leak. The highest threat from this vulnerability is to system availability. |
| Rakesh | 2020-08-27 06:28:08 UTC | CC | rrakesh2 | |
| PnT Account Manager | 2020-09-15 20:44:54 UTC | CC | labbott | |
| Petr Matousek | 2021-01-14 14:53:50 UTC | CC | blc, mlangsdo, walters | |
| Red Hat Bugzilla | 2021-03-23 23:39:42 UTC | CC | matt | |
| Red Hat Bugzilla | 2021-05-30 12:01:27 UTC | CC | blc | |
| Red Hat Bugzilla | 2021-05-30 12:34:13 UTC | CC | bhu | |
| Jeff Fearn 🐞 | 2021-06-03 11:11:02 UTC | CC | blc | |
| Jeff Fearn 🐞 | 2021-06-03 11:54:45 UTC | CC | bhu | |
| Red Hat Bugzilla | 2021-09-15 05:47:04 UTC | CC | jglisse | |
| Red Hat Bugzilla | 2022-04-23 08:28:54 UTC | CC | esammons | |
| Red Hat Bugzilla | 2022-07-16 03:20:34 UTC | CC | brdeoliv | |
| Red Hat Bugzilla | 2022-12-16 07:30:19 UTC | CC | rrakesh2 | |
| Red Hat Bugzilla | 2022-12-31 23:36:12 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:41:51 UTC | CC | dhoward | |
| Red Hat Bugzilla | 2023-06-14 21:29:43 UTC | CC | mcressma | |
| Red Hat Bugzilla | 2023-07-07 08:35:11 UTC | Assignee | security-response-team | nobody |
Back to bug 1849926