Multiple Syscalls In kscan Subsystem Performs No Argument Validation

Description

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges.

See NCC-ZEP-006

Environment

None

Assignee

David Brown

Reporter

David Brown

Labels

None

Authorized viewers

Jeremy Boone

CVE

CVE-2020-10058

Embargo Lift

2020/05/01

Fix versions

Affects versions

Priority

Medium
Configure