Vulnerabilities > CVE-2020-28941 - Release of Invalid Pointer or Reference vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.

Vulnerable Configurations

Part Description Count
OS
Linux
4614
OS
Fedoraproject
2
OS
Debian
1

Common Weakness Enumeration (CWE)

References