Описание
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Issue TrackingPatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Issue TrackingPatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.1 ...
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.
Уязвимость функции cgroups ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3
7.2 High
CVSS2