get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv().
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1884342]
This was fixed for Fedora with the 5.8.7 stable kernel updates.
The issue relevant starting from kernel v5.6 and possible to prevent the issue from triggering by booting with vsyscall=xonly or vsyscall=none.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):