A flaw was found in the Linux kernels fast user mutex (futex) wait operation which indexed a file (vi inode) mapping that was no longer valid. This requires an attacker with a local account to be able to issue a FUTEX_WAIT (man futex) on a filesystem which is about to be unmounted. The superblock operations on this referenced struct would be able to create a use-after-free. This could allow for memory corruption and possible privilege escalation.
Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=8019ad13ef7f64be44d4f892af9c840179009254
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1874332]
This was fixed for Fedora with the 5.5.12 stable kernel updates.
Acknowledgments: Name: Rakesh Rakesh (Netezza Support)
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8019ad13ef7f64be44d4f892af9c840179009254
Does this flaw affects kernel shipped with RHEL 6 ? Is there any CVE tracker page created for this flaw?
In reply to comment #16: > Does this flaw affects kernel shipped with RHEL 6 ? Is there any CVE tracker > page created for this flaw? Hi, The CVE Page - https://access.redhat.com/security/cve/CVE-2020-14381 says RHEL-6 = Not affected. Regards YOG.
Thanks Yogendra, Team. appreciate it!
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4431 https://access.redhat.com/errata/RHSA-2020:4431
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4609 https://access.redhat.com/errata/RHSA-2020:4609
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-14381