CVE-2020-35499 – A NULL pointer dereference flaw in kernel versions prior to 5.11 may be seen if sco_sock_g …

19 February 2021

Vuln ID: CVE-2020-35499

Published: 2021-02-19 20:15:12Z

Description: A NULL pointer dereference flaw in kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information.

Source: NVD.NIST.GOV

Date:

19 February 2021

Categorie(s):

NVD

Tag(s):

NVD

Understanding Latrodectus: A Stealthy Cyber Threat23 April 2024
Volkswagen Group’s Systems Hacked: 19,000+ Documents Stolen23 April 2024
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)23 April 2024
Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites23 April 2024
Trellix Email Security for Microsoft Office 365 improves email defense23 April 2024