PT-2020-4889 · Linux+5 · Linux Kernel+5

Bodong Zhao

·

Published

2020-11-05

·

Updated

2023-02-24

·

CVE-2020-25669

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified)
Description: A vulnerability was found in the Linux Kernel where the function sunkbd reinit has been scheduled by sunkbd interrupt before sunkbd being freed, causing a Use After Free issue. This is due to an alias in sunkbd reinit even though the dangling pointer is set to NULL in sunkbd disconnect. The vulnerability is related to the use of memory after it has been freed, which may allow an attacker to cause a denial of service.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2020-3408
ALT-PU-2020-3428
ALT-PU-2020-3439
ALT-PU-2020-3454
ALT-PU-2020-3470
ALT-PU-2020-3536
ALT-PU-2020-3553
ALT-PU-2020-3570
ALT-PU-2021-1083
ALT-PU-2021-1093
ALT-PU-2021-1105
ALT-PU-2021-1128
ALT-PU-2021-1211
ALT-PU-2021-1531
ALT-PU-2021-1840
BDU:2020-05454
CVE-2020-25669
DLA-2483-1
DLA-2494-1
MGASA-2021-0030
MGASA-2021-0031
OPENSUSE-SU-2020:2034-1
OPENSUSE-SU-2020:2161-1
OPENSUSE-SU-2020:2260-1
OPENSUSE-SU-2020_2034-1
OPENSUSE-SU-2020_2161-1
OPENSUSE-SU-2020_2260-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
SUSE-SU-2020:3484-1
SUSE-SU-2020:3713-1
SUSE-SU-2020:3715-1
SUSE-SU-2020:3717-1
SUSE-SU-2020:3718-1
SUSE-SU-2020:3748-1
SUSE-SU-2020:3764-1
SUSE-SU-2020:3766-1
SUSE-SU-2020:3798-1
SUSE-SU-2021:0434-1
SUSE-SU-2021:0437-1
SUSE-SU-2021:0438-1
SUSE-SU-2021:0452-1
SUSE-SU-2021:14630-1
SUSE-SU-2021_14630-1
USN-4708-1
USN-4709-1
USN-4749-1
USN-4750-1
USN-4751-1
USN-4912-1

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Linuxmint
Suse
Ubuntu