Bugzilla – Bug 1168831
VUL-1: CVE-2020-11565: kernel-source: out-of-bounds write due to improper handling of an empty nodelist during mount option parsing
Last modified: 2020-06-10 16:03:47 UTC
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in
mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist
is mishandled during mount option parsing, aka CID-aa9f7d5172fa.
While the issue is real, this requires root to mount the tmpfs. So what is the security aspect of this bug?
Tracked as affected as back as 2.6.32
This here says that this has been disputed in the meantime: