Bug 1874311 (CVE-2020-14381)
| Summary: | CVE-2020-14381 kernel: referencing inode of removed superblock in get_futex_key() causes UAF | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Wade Mealing <wmealing> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, airlied, bhu, blc, bmasney, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, ptalbert, qzhao, rrakesh2, rt-maint, rvrbovsk, steved, williams |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Linux kernel 5.6-rc6 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-11-04 02:26:37 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1803822, 1874331, 1874332, 1874333, 1874334, 1874335, 1874336 | ||
| Bug Blocks: | 1870591 | ||
|
Description
Wade Mealing
2020-09-01 02:29:52 UTC
Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=8019ad13ef7f64be44d4f892af9c840179009254 Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1874332] This was fixed for Fedora with the 5.5.12 stable kernel updates. Acknowledgments: Name: Rakesh Rakesh (Netezza Support) Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8019ad13ef7f64be44d4f892af9c840179009254 Does this flaw affects kernel shipped with RHEL 6 ? Is there any CVE tracker page created for this flaw? In reply to comment #16: > Does this flaw affects kernel shipped with RHEL 6 ? Is there any CVE tracker > page created for this flaw? Hi, The CVE Page - https://access.redhat.com/security/cve/CVE-2020-14381 says RHEL-6 = Not affected. Regards YOG. Thanks Yogendra, Team. appreciate it! This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4431 https://access.redhat.com/errata/RHSA-2020:4431 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4609 https://access.redhat.com/errata/RHSA-2020:4609 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-14381 |