CVE-2020-35499
N/A
N/A
Summary
A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | kernel | kernel 5.11 | affected |
Weaknesses
- CWE-476: CWE-476
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.