high
7.8
CWE
416 362
Advisory Published
CVE Published
Updated

CVE-2020-12657: Use After Free

First published: Tue May 05 2020(Updated: )

A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able to groom system memory to cause kernel memory corruption and possible privilege escalation by abusing a race condition in the IO scheduler.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
redhat/kernel-rt<0:4.18.0-193.6.3.rt13.59.el8_2
0:4.18.0-193.6.3.rt13.59.el8_2
redhat/kernel<0:4.18.0-193.6.3.el8_2
0:4.18.0-193.6.3.el8_2
redhat/kernel<0:4.18.0-80.23.2.el8_0
0:4.18.0-80.23.2.el8_0
redhat/kernel<0:4.18.0-147.20.1.el8_1
0:4.18.0-147.20.1.el8_1
Linux Linux kernel<5.6.5
redhat/kernel<5.6.5
5.6.5
debian/linux
5.10.223-1
5.10.226-1
6.1.115-1
6.1.119-1
6.11.10-1
6.12.5-1

Remedy

The default io scheduler for Red Hat Enterprise Linux 8 is the mq-deadline scheduler, however it can be configured to any of the available schedulers available on the system on a per-device basis. The schedulers in use can be verified by the block devices entry in sysfs, for example for "sda": # cat /sys/block/sda/queue/scheduler [mq-deadline] kyber bfq none All block devices in the system will need to be changed to be mitigated. If the system workload requires bfq, this may not be an acceptable workaround however some systems may find changing io schedulers to be an acceptable workaround until system updates can be applied. See https://access.redhat.com/solutions/3756041 for how to configure the io scheduler persistently across system reboots or contact Red Hat Global Support Services.

Remedy

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9

Remedy

https://github.com/torvalds/linux/commit/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9

Remedy

https://patchwork.kernel.org/patch/11447049/

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203