Race condition in slip and slcan line discipline leads to use-after-free vulnerability in Linux kernel (CVE-2020-12345)

Race condition in slip and slcan line discipline leads to use-after-free vulnerability in Linux kernel (CVE-2020-12345)

CVE-2020-14416 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.