PT-2020-6661 · Linux+5 · Linux Kernel+5

Kiyin

·

Published

2020-11-02

·

Updated

2023-02-12

·

CVE-2020-25670

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description The issue is related to the use of memory after it has been freed in the llcp sock bind() function of the NFC protocol in the Linux kernel. This could allow a local attacker to access sensitive data, compromise its integrity, and cause a denial of service. The vulnerability might also lead to privilege escalations.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2021-1666
ALT-PU-2021-1698
ALT-PU-2021-1706
ALT-PU-2021-1711
ALT-PU-2021-1720
ALT-PU-2021-1739
ALT-PU-2021-1763
ALT-PU-2021-1768
ALT-PU-2021-1776
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1869
ALT-PU-2021-1896
ALT-PU-2021-2370
ALT-PU-2021-2671
ALT-PU-2021-2672
ALT-PU-2021-2677
ALT-PU-2021-2678
ALT-PU-2021-2737
ALT-PU-2021-2751
ALT-PU-2021-3430
ALT-PU-2022-1240
BDU:2022-03139
CVE-2020-25670
DLA-2689-1
DLA-2690-1
MGASA-2021-0191
MGASA-2021-0192
OPENSUSE-SU-2021:0579-1
OPENSUSE-SU-2021:0758-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0579-1
OPENSUSE-SU-2021_0758-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
SUSE-SU-2021:1210-1
SUSE-SU-2021:1211-1
SUSE-SU-2021:1238-1
SUSE-SU-2021:1248-1
SUSE-SU-2021:1266-1
SUSE-SU-2021:1301-1
SUSE-SU-2021:1573-1
SUSE-SU-2021:1596-1
SUSE-SU-2021:1617-1
SUSE-SU-2021:1623-1
SUSE-SU-2021:1624-1
SUSE-SU-2021:1625-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2021_1248-1
SUSE-SU-2021_1301-1
SUSE-SU-2022:0234-1
SUSE-SU-2022:0243-1
SUSE-SU-2022:0255-1
SUSE-SU-2022:0263-1
SUSE-SU-2022:0291-1
SUSE-SU-2022:0293-1
SUSE-SU-2022:0296-1
SUSE-SU-2022:0325-1
SUSE-SU-2022_0234-1
SUSE-SU-2022_0263-1
USN-4948-1
USN-4977-1
USN-4979-1
USN-4982-1
USN-4999-1
USN-5343-1

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Linuxmint
Suse
Ubuntu