PT-2020-4970 · Linux+4 · Linux Kernel+4

Published

2020-07-24

Updated

2023-07-28

CVE-2020-29369

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.7.11

Description A race condition exists between certain expand functions (expand downwards and expand upwards) and page-table free operations from an munmap call. This issue can be exploited to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.7.11, update to version 5.7.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the mm/mmap.c functions to minimize the risk of exploitation.

Exploit

Fix

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALT-PU-2020-2477

ALT-PU-2020-2494

ALT-PU-2020-2510

ALT-PU-2020-2687

ALT-PU-2020-2716

ALT-PU-2021-1105

ALT-PU-2021-1621

ALT-PU-2021-1656

ALT-PU-2021-1739

ALT-PU-2021-1862

ALT-PU-2021-1866

ALT-PU-2021-1870

BDU:2020-05547

CVE-2020-29369

OPENSUSE-SU-2020:2161-1

OPENSUSE-SU-2020:2260-1

OPENSUSE-SU-2020_2161-1

OPENSUSE-SU-2020_2260-1

OPENSUSE-SU-2021:0242-1

OPENSUSE-SU-2021_0242-1

SUSE-SU-2020:3713-1

SUSE-SU-2020:3748-1

SUSE-SU-2020:3764-1

SUSE-SU-2020:3843-1

SUSE-SU-2020_3843-1

USN-4752-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2020-4970 · Linux+4 · Linux Kernel+4

CVE-2020-29369

Weakness Enumeration

Related Identifiers

Affected Products

References · 907