A vulnerability was found in may_create_in_sticky in fs/namei.c of Linux kernel which has a possible use-after-free. This can allow a local user to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory. One attack vector may be an open system call for a UNIX domain socket if the socket file is being moved to a new parent directory and its old parent directory is being removed.
At this time no Red Hat products are affected by this flaw.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1796940]
This was fixed for Fedora with the 5.4.16 stable kernel updates.
I have requested a backport of the security feature here: https://bugzilla.redhat.com/show_bug.cgi?id=1797843 for Red Hat Enterprise Linux 8.
Just to be clear, Red Hat Enterprise 8 is -not- affected by this flaw, the security feature has the flaw.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):