A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1905155 | Issue Tracking Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210521-0008/ | Third Party Advisory |
https://www.debian.org/security/2021/dsa-4843 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
07 Nov 2023, 03:21
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2020-12-11 19:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-27825
Mitre link : CVE-2020-27825
CVE.ORG link : CVE-2020-27825
JSON object : View
Products Affected
debian
- debian_linux
redhat
- enterprise_mrg
- enterprise_linux
netapp
- cloud_backup
- solidfire_baseboard_management_controller_firmware
- solidfire_baseboard_management_controller
- h410c
- h410c_firmware
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')