A flaw was found in the Linux kernel's implementation of the XFS filesystem where a key data structure (sb->s_fs_info) may not be de-allocated when the system is under memory pressure. The same data structure is then used at a later time during filesystem operations. This could allow a local attacker who is able to groom memory to place an attacker-controlled data structure in this location and create a use-after-free situation, which can result in memory corruption or possible privilege escalation. Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c9fbd7bbc23dbdd73364be4d045e5d3612cf6e82
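The pattern behind this class of bug, as an added illustration that is not kernel code and not the upstream patch: a superblock-like container keeps a pointer to a filesystem-private mount structure, the mount setup frees that structure on an error path, and later teardown code still reaches through the container. The "fixed" variant assumes the remedy is to clear the container's reference when the structure is released; all type and function names here are constructed for the model.

```c
#include <stdlib.h>

/* Constructed model: the container keeps a pointer to the filesystem-private
 * mount structure, as sb->s_fs_info does for XFS. */
struct mount_model { int inode_count; };
struct super_block_model { struct mount_model *s_fs_info; };

/* Vulnerable error path: the mount structure is freed but the container still
 * points at it, so any later operation on sb reads freed memory. */
int fill_super_vulnerable(struct super_block_model *sb, int fail)
{
    struct mount_model *mp = calloc(1, sizeof *mp);
    if (!mp) return -1;
    sb->s_fs_info = mp;
    if (fail) { free(mp); return -1; }   /* sb->s_fs_info left dangling */
    mp->inode_count = 42;
    return 0;
}

/* Fixed error path (assumed shape of the fix): release the structure and
 * clear the container's reference in the same step. */
int fill_super_fixed(struct super_block_model *sb, int fail)
{
    struct mount_model *mp = calloc(1, sizeof *mp);
    if (!mp) return -1;
    sb->s_fs_info = mp;
    if (fail) { free(mp); sb->s_fs_info = NULL; return -1; }
    mp->inode_count = 42;
    return 0;
}

/* A later filesystem operation run during teardown; it is safe only when a
 * failed mount leaves s_fs_info NULL instead of dangling. */
int reclaim_inodes_count(const struct super_block_model *sb)
{
    if (!sb->s_fs_info) return 0;       /* nothing mounted, nothing to count */
    return sb->s_fs_info->inode_count;
}

/* Scenario helpers: return 1 when the container still holds a stale pointer
 * after a failed mount, 0 when it was cleared. Freed memory is never read. */
int vulnerable_leaves_dangling(void)
{
    struct super_block_model sb = { 0 };
    (void)fill_super_vulnerable(&sb, 1);
    return sb.s_fs_info != NULL;
}
int fixed_leaves_dangling(void)
{
    struct super_block_model sb = { 0 };
    (void)fill_super_fixed(&sb, 1);
    return sb.s_fs_info != NULL;
}
```

On a successful mount both variants behave identically; only the failure path differs, which is why such bugs surface under memory pressure rather than in normal operation.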
Statement: Red Hat Enterprise Linux 7.6.z had fixed this flaw mid-release without it being recognised as a CVE. Prior releases of Red Hat Enterprise Linux EUS/AUS will still require the fix to be secure. Trackers have been created and fixes will be available as part of the standard release cycle.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support; Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions; Red Hat Enterprise Linux 7.3 Telco Extended Update Support. Via RHSA-2020:0178 https://access.redhat.com/errata/RHSA-2020:0178
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-20976
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.5 Extended Update Support. Via RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0543
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support; Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions; Red Hat Enterprise Linux 7.4 Telco Extended Update Support. Via RHSA-2020:0592 https://access.redhat.com/errata/RHSA-2020:0592
This issue has been addressed in the following products: Red Hat Enterprise MRG 2. Via RHSA-2020:0609 https://access.redhat.com/errata/RHSA-2020:0609
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support. Via RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0661