An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T11:35:13.515Z

Reserved: 2020-04-06T00:00:00

Link: CVE-2020-11565

cve-icon Vulnrichment

Updated: 2024-08-04T11:35:13.515Z

cve-icon NVD

Status : Modified

Published: 2020-04-06T01:15:12.447

Modified: 2024-11-21T04:58:09.613

Link: CVE-2020-11565

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-04-01T00:00:00Z

Links: CVE-2020-11565 - Bugzilla

cve-icon OpenCVE Enrichment

No data.