CVE-2020-35499 log

Severity Medium
Remote No
Type Information disclosure
A security issue was found in the Linux kernel before version 5.10.4. A NULL pointer dereference flaw may be seen as the sco_sock_getsockopt function in net/bluetooth/sco.c does not have a sanity check for a socket connection when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with special user privileges to crash the system or leak kernel internal information.
Group Package Affected Fixed Severity Status Ticket
AVG-1394 linux 5.10.3.arch1-1 5.10.4.arch1-1 Medium Fixed