Note:
This project will be discontinued after December 13, 2021. [more]
2020-01-29
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.
Products | Linux_kernel |
Type | Use After Free (CWE-416) |
First patch | - None (likely due to unavailable code) |
Links |
• https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d0cb50185ae942b03c4327be322055d622dc79f6
• http://www.openwall.com/lists/oss-security/2020/01/28/4 • https://github.com/torvalds/linux/commit/d0cb50185ae942b03c4327be322055d622dc79f6 • https://www.openwall.com/lists/oss-security/2020/01/28/2 • http://www.openwall.com/lists/oss-security/2020/02/02/1 |