PT-2020-1260 · Linux+7 · Linux Kernel+7

Jann Horn

·

Published

2020-06-03

·

Updated

2024-02-15

·

CVE-2020-29368

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.7.5
Description The issue is related to the split huge pmd function in the mm/huge memory.c file of the Linux kernel. It involves a race condition in a THP mapcount check, which can grant unintended write access due to the copy-on-write implementation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.
Recommendations For Linux kernel versions prior to 5.7.5, update to version 5.7.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the split huge pmd function until a patch is available. However, the most effective solution is to update the kernel to a version that includes the fix for this issue.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2021:4356
ALT-PU-2020-2226
ALT-PU-2020-2234
ALT-PU-2020-2362
ALT-PU-2020-2409
ALT-PU-2020-2432
ALT-PU-2020-2687
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
ASB-A-174738029
BDU:2020-05546
CESA-2021_4140
CESA-2021_4356
CVE-2020-29368
OPENSUSE-SU-2021:0393-1
OPENSUSE-SU-2021_0393-1
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
RHSA-2022:5220
RHSA-2022:5224
RHSA-2022:5626
RHSA-2022:5633
SUSE-SU-2021:0359-1
SUSE-SU-2021:0362-1
SUSE-SU-2021:0367-1
SUSE-SU-2021:0377-1
SUSE-SU-2021:0386-1
SUSE-SU-2021:0735-1
SUSE-SU-2021:0736-1
SUSE-SU-2021:0737-1
SUSE-SU-2021:0738-1
SUSE-SU-2021:0740-1
SUSE-SU-2021:0741-1
SUSE-SU-2021:0808-1
SUSE-SU-2021:0809-1
SUSE-SU-2021:0818-1
SUSE-SU-2021:0823-1
SUSE-SU-2021:0826-1
SUSE-SU-2021:0840-1
SUSE-SU-2021:0841-1
SUSE-SU-2021:0842-1
SUSE-SU-2021:0849-1
SUSE-SU-2021:0853-1
SUSE-SU-2021:0859-1
SUSE-SU-2021:0864-1
SUSE-SU-2021:0868-1
SUSE-SU-2021:0869-1
SUSE-SU-2021:1046-1
SUSE-SU-2021:1175-1
SUSE-SU-2021:1176-1
SUSE-SU-2021:1210-1
SUSE-SU-2021_0359-1
SUSE-SU-2021_0386-1
SUSE-SU-2021_0736-1
SUSE-SU-2021_0737-1
SUSE-SU-2021_0740-1
SUSE-SU-2021_0840-1
SUSE-SU-2021_0864-1
SUSE-SU-2021_0869-1
USN-4752-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu