PT-2020-6166 · Linux+4 · Linux Kernel+4
Hadar Manor +1 · Published 2020-10-13 · Updated 2025-09-29 · CVE-2020-16119
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.4.0-51.56
Linux kernel versions prior to 5.3.0-68.63
Linux kernel versions prior to 4.15.0-121.123
Linux kernel versions prior to 4.4.0-193.224
Linux kernel versions prior to 3.13.0.182.191
Linux kernel versions prior to 3.2.0-149.196
Description
The issue is a use-after-free vulnerability in the Linux kernel that can be exploited by a local attacker. It occurs when a DCCP socket with an attached dccps_hc_tx_ccid object is reused as a listener after being released. The vulnerability allows an attacker to potentially access confidential information or cause a denial of service.
Recommendations
For Linux kernel version 5.4.0-51.56 and earlier, update to Ubuntu Linux kernel 5.4.0-51.56 or later.
For Linux kernel version 5.3.0-68.63 and earlier, update to Ubuntu Linux kernel 5.3.0-68.63 or later.
For Linux kernel version 4.15.0-121.123 and earlier, update to Ubuntu Linux kernel 4.15.0-121.123 or later.
For Linux kernel version 4.4.0-193.224 and earlier, update to Ubuntu Linux kernel 4.4.0-193.224 or later.
For Linux kernel version 3.13.0.182.191 and earlier, update to Ubuntu Linux kernel 3.13.0.182.191 or later.
For Linux kernel version 3.2.0-149.196 and earlier, update to Ubuntu Linux kernel 3.2.0-149.196 or later.
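To check a host against the fixed versions listed above, the following added example (not part of the original advisory) classifies an Ubuntu kernel package version by series. It assumes the input is the package version string rather than the `uname -r` release, which omits the upload number, and it uses plain numeric comparison as a simplification of dpkg version ordering; the function names are hypothetical.

```python
import re

# Fixed Ubuntu kernel package versions, copied from the advisory above.
FIXED = [
    "5.4.0-51.56",
    "5.3.0-68.63",
    "4.15.0-121.123",
    "4.4.0-193.224",
    "3.13.0.182.191",
    "3.2.0-149.196",
]


def parse(version):
    """Return (series, (abi, upload)) from an Ubuntu kernel package version.

    Accepts both '5.4.0-51.56' and the dot-separated '3.13.0.182.191' form,
    and ignores trailing suffixes such as '~16.04.1'.
    """
    nums = [int(n) for n in re.findall(r"\d+", version)]
    if len(nums) < 5:
        raise ValueError(f"need series, ABI and upload number: {version!r}")
    return tuple(nums[:3]), tuple(nums[3:5])


FIXED_BY_SERIES = dict(parse(v) for v in FIXED)


def status(version):
    """Classify a package version as 'vulnerable', 'fixed' or 'unknown-series'."""
    series, build = parse(version)
    fixed_build = FIXED_BY_SERIES.get(series)
    if fixed_build is None:
        # Series not listed in the advisory; do not guess.
        return "unknown-series"
    return "vulnerable" if build < fixed_build else "fixed"


if __name__ == "__main__":
    # Constructed sample versions, not taken from any real host.
    for sample in ["5.4.0-48.52", "5.4.0-51.56", "4.15.0-121.123~16.04.1",
                   "3.13.0.180.189", "5.8.0-25.26"]:
        print(f"{sample:28} {status(sample)}")
```

A result of "unknown-series" means the advisory gives no fixed version for that kernel series, so the host needs a separate check against the vendor's own notice.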
Exploit
Fix
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Linuxmint
Linux Kernel
Suse
Ubuntu