Vulnerability Details: CVE-2020-25220
The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.
Vulnerability category: Memory Corruption
Products affected by CVE-2020-25220
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-25220
- 0.05%: Probability of exploitation activity in the next 30 days
- ~ 12%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-25220
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
CWE ids for CVE-2020-25220
- The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-25220
- https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
  [SECURITY] [DLA 2420-2] linux regression update (Mailing List; Third Party Advisory)
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=82fd2138a5ffd7e0d4320cdb669e115ee976a26e
  kernel/git/stable/linux.git - Linux kernel stable tree (Issue Tracking; Patch; Vendor Advisory)
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.233
  Release Notes; Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1868453
  1868453 – (CVE-2020-14356) CVE-2020-14356 kernel: Use After Free vulnerability in cgroup BPF component (Issue Tracking; Patch; Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
  [SECURITY] [DLA 2420-1] linux security update (Mailing List; Third Party Advisory)
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.194
  Release Notes; Vendor Advisory
- https://www.spinics.net/lists/stable/msg405099.html
  [PATCH stable-4.9] cgroup: add missing skcd->no_refcnt check in cgroup_sk_alloc() — Linux Stable Kernel Updates (Mailing List; Patch; Third Party Advisory)
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140
  Release Notes; Vendor Advisory
- https://security.netapp.com/advisory/ntap-20201001-0004/
  CVE-2020-25220 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security (Third Party Advisory)