CVE-2020-29660

Опубликовано: 04 дек. 2020

Источник: redhat

CVSS3: 4.4

Описание

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free.

Отчет

This flaw is rated as having Low impact (Red Hat Enterprise Linux 7) because of the need to have CAP_SYS_TTY_CONFIG privileges. This flaw is rated as having Moderate (Red Hat Enterprise Linux 8) impact because of the need to have CAP_SYS_TTY_CONFIG privileges. Red Hat Enterprise Linux 8 enabled unprivileged user/network namespaces by default which can be used to exercise this vulnerability.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Fix deferred
Red Hat Enterprise Linux 7	kernel-alt	Will not fix
Red Hat Enterprise Linux 7	kernel-rt	Fix deferred
Red Hat Enterprise Linux 8	kernel-rt	Fixed	RHSA-2021:4140	09.11.2021
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2021:4356	09.11.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-667->CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1906522kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free

4.4 Medium

CVSS3