Описание
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
A flaw was found in the Linux kernel's ext4_unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI.
Меры по смягчению последствий
Ext4 filesytems are built into the kernel so it is not possible to prevent the kernel module from loading. However, this flaw can be prevented by disallowing mounting of untrusted filesystems. As mounting is a privileged operation, (except for device hotplug) removing the ability for mounting and unmounting will prevent this flaw from being exploited.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2020:4062 | 29.09.2020 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2020:2104 | 12.05.2020 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2020:4060 | 29.09.2020 |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | kernel | Fixed | RHSA-2020:5430 | 15.12.2020 |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | kernel | Fixed | RHSA-2020:5430 | 15.12.2020 |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | kernel | Fixed | RHSA-2020:5430 | 15.12.2020 |
| Red Hat Enterprise Linux 7.6 Extended Update Support | kernel | Fixed | RHSA-2020:5656 | 22.12.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, ...
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
Уязвимость функций ext4_put_super, dump_orphan_list ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.8 High
CVSS3