In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a9ed4a6560b8562b7e2e2bed9527e88001f7b682 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=52c479697c9b73f628140dcdfcd39ea302d05482
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1920484]
This was fixed for Fedora with the 5.7.18 stable kernel updates.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1081 https://access.redhat.com/errata/RHSA-2021:1081
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1093 https://access.redhat.com/errata/RHSA-2021:1093
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-0466
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:2099 https://access.redhat.com/errata/RHSA-2021:2099
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:2106 https://access.redhat.com/errata/RHSA-2021:2106
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:2167 https://access.redhat.com/errata/RHSA-2021:2167
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:2190 https://access.redhat.com/errata/RHSA-2021:2190
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:2185 https://access.redhat.com/errata/RHSA-2021:2185
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support Via RHSA-2022:0529 https://access.redhat.com/errata/RHSA-2022:0529
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions Via RHSA-2022:0533 https://access.redhat.com/errata/RHSA-2022:0533
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions Red Hat Enterprise Linux 7.6 Telco Extended Update Support Via RHSA-2022:0531 https://access.redhat.com/errata/RHSA-2022:0531
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0592 https://access.redhat.com/errata/RHSA-2022:0592
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0620 https://access.redhat.com/errata/RHSA-2022:0620
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0622 https://access.redhat.com/errata/RHSA-2022:0622
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions Red Hat Enterprise Linux 7.7 Telco Extended Update Support Via RHSA-2022:0712 https://access.redhat.com/errata/RHSA-2022:0712
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions Via RHSA-2022:0718 https://access.redhat.com/errata/RHSA-2022:0718
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support Via RHSA-2022:1104 https://access.redhat.com/errata/RHSA-2022:1104
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Extended Lifecycle Support Via RHSA-2022:1417 https://access.redhat.com/errata/RHSA-2022:1417