CVE-2019-20172

Published: Dec 31, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/SerenityOS/serenity/commit/0fc24fe2564736689859e7edfa177a86dac36bf9

x_refsource_MISC

https://github.com/Fire30/CTF-WRITEUPS/tree/master/36c3_ctf/wisdom

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-20172

Description

Affected Products

References