PT-2020-6651 · Linux+4 · Linux Kernel+4

Minh Yuan

·

Published

2020-02-06

·

Updated

2022-12-09

·

CVE-2022-1419

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the use of memory after it has been freed in the vgem gem dumb create function of the Linux kernel. This can be exploited to allow an attacker to execute arbitrary code. The root cause is that the ioctl$DRM IOCTL MODE DESTROY DUMB can decrease the refcount of drm vgem gem object (created in vgem gem dumb create) concurrently, and vgem gem dumb create will access the freed drm vgem gem object.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2020-1638
ALT-PU-2020-1646
ALT-PU-2020-1761
ALT-PU-2020-1917
ALT-PU-2020-2153
ALT-PU-2020-2164
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2022-02515
CVE-2022-1419
DSA-5173-1
OESA-2022-1677
OPENSUSE-SU-2022_1676-1
OPENSUSE-SU-2022_1687-1
OPENSUSE-SU-2022_2111-1
SUSE-SU-2022:1651-1
SUSE-SU-2022:1668-1
SUSE-SU-2022:1669-1
SUSE-SU-2022:1676-1
SUSE-SU-2022:1686-1
SUSE-SU-2022:1687-1
SUSE-SU-2022:2077-1
SUSE-SU-2022:2082-1
SUSE-SU-2022:2083-1
SUSE-SU-2022:2103-1
SUSE-SU-2022:2111-1
SUSE-SU-2022:2699-1
SUSE-SU-2022:2700-1
SUSE-SU-2022:2709-1
SUSE-SU-2022:2710-1
SUSE-SU-2022:2728-1
SUSE-SU-2022:2745-1
SUSE-SU-2022:2750-1
SUSE-SU-2022:2780-1
SUSE-SU-2022:2789-1
SUSE-SU-2022_1651-1
SUSE-SU-2022_1669-1
SUSE-SU-2022_1676-1
SUSE-SU-2022_1686-1
SUSE-SU-2022_1687-1
SUSE-SU-2022_2700-1
SUSE-SU-2022_2709-1
SUSE-SU-2022_2710-1
SUSE-SU-2022_2728-1
SUSE-SU-2022_2750-1
USN-5466-1
USN-5500-1
USN-5505-1
USN-5513-1

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Suse
Ubuntu