CVE-2019-20172

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt