Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-11494: slcan: Don't transmit uninitialized stack data in padding · torvalds/linux@b9258a2

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.

CVE
#linux#chrome

Permalink

Browse files

slcan: Don’t transmit uninitialized stack data in padding

struct can_frame contains some padding which is not explicitly zeroed in slc_bump. This uninitialized data will then be transmitted if the stack initialization hardening feature is not enabled (CONFIG_INIT_STACK_ALL).

This commit just zeroes the whole struct including the padding.

Signed-off-by: Richard Palethorpe [email protected] Fixes: a1044e3 (“can: add slcan driver for serial/USB-serial CAN adapters”) Reviewed-by: Kees Cook [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Acked-by: Marc Kleine-Budde [email protected] Signed-off-by: David S. Miller [email protected]

  • Loading branch information

Showing with 1 addition and 3 deletions.

  1. +1 −3 drivers/net/can/slcan.c

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907