CVE-2020-11494: 
Linux Kernel vulnerability analysis and mitigation

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4 (NVD).

The vulnerability exists in the Serial CAN interface driver's slc_bump function where CAN frame headers are not fully initialized before being transmitted. This allows reading of uninitialized kernel stack memory data if stack initialization hardening (CONFIG_INIT_STACK_ALL) is not enabled. The CVSS v3.1 base score is 4.4 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N (NVD, Ubuntu).

A local attacker could exploit this vulnerability to expose sensitive information (kernel memory) by reading uninitialized can_frame data that may contain remnants of previous kernel stack usage (Ubuntu).

The vulnerability was fixed in Linux kernel version 5.6.2 by initializing the entire CAN frame structure using memset() before populating it. Users should update to patched kernel versions. Additionally, enabling CONFIG_INIT_STACK_ALL kernel configuration option provides protection against this vulnerability (Kernel Patch).