In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. Reference: https://android.googlesource.com/kernel/common/+/68faa679b8be1a74e6663c21c3a9d25d3
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1860066]
This was fixed for Fedora with the 5.4.12 stable kernel updates.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Statement: This issue is rated as having Moderate impact because of the preconditions needed to trigger the issue (elevated/root privileges).
External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68faa679b8be1a74e6663c21c3a9d25d32f1c079
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4431 https://access.redhat.com/errata/RHSA-2020:4431
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4609 https://access.redhat.com/errata/RHSA-2020:4609
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-0305