QwikSec

Security Database

CVE

CWE

Training

CVE-2020-28941

Published: Nov 19, 2020

Modified: May 29, 2026

PUBLISHED

Description

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=d4122754442799187d5d537a9c039a49a67e57f1

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2020/11/19/3

x_refsource_MISC

https://github.com/torvalds/linux/commit/d4122754442799187d5d537a9c039a49a67e57f1

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d4122754442799187d5d537a9c039a49a67e57f1

x_refsource_MISC

[oss-security] 20201119 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_ldisc_close

mailing-list

x_refsource_MLIST

FEDORA-2020-4700a73bd5

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-8c15928d23

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.