In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T11:21:14.585Z

Reserved: 2020-03-24T00:00:00

Link: CVE-2020-10942

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-24T22:15:12.470

Modified: 2024-11-21T04:56:25.320

Link: CVE-2020-10942

cve-icon Redhat

Severity : Low

Publid Date: 2020-03-22T00:00:00Z

Links: CVE-2020-10942 - Bugzilla

cve-icon OpenCVE Enrichment

No data.