A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1905155 | Issue Tracking Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210521-0008/ | Third Party Advisory |
https://www.debian.org/security/2021/dsa-4843 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1905155 | Issue Tracking Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210521-0008/ | Third Party Advisory |
https://www.debian.org/security/2021/dsa-4843 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
21 Nov 2024, 05:21
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1905155 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html - Mailing List, Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20210521-0008/ - Third Party Advisory | |
References | () https://www.debian.org/security/2021/dsa-4843 - Third Party Advisory |
07 Nov 2023, 03:21
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2020-12-11 19:15
Updated : 2024-11-21 05:21
NVD link : CVE-2020-27825
Mitre link : CVE-2020-27825
CVE.ORG link : CVE-2020-27825
JSON object : View
Products Affected
netapp
- cloud_backup
- solidfire_baseboard_management_controller
- h410c_firmware
- h410c
- solidfire_baseboard_management_controller_firmware
redhat
- enterprise_linux
- enterprise_mrg
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')