CVE-2020-25670: Use After Free

First published: Wed May 26 2021(Updated: )

A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux Kernel	>=3.6<4.4.267
Linux Kernel	>=4.5<4.9.267
Linux Kernel	>=4.10<4.14.231
Linux Kernel	>=4.15<4.19.187
Linux Kernel	>=4.20<5.4.112
Linux Kernel	>=5.5<5.10.30
Linux Kernel	>=5.11<5.11.14
Fedoraproject Fedora	=32
Fedoraproject Fedora	=33
Fedoraproject Fedora	=34
netapp active iq unified manager vsphere
netapp cloud backup
netapp solidfire baseboard management controller firmware
netapp solidfire baseboard management controller
netapp h410c firmware
netapp h410c
netapp h300s firmware
netapp h300s
NetApp H500S Firmware
netapp h500s
netapp h700s firmware
netapp h700s
netapp h300e firmware
netapp h300e
netapp h500e firmware
netapp h500e
netapp h700e firmware
netapp h700e
netapp h410s firmware
netapp h410s
Debian Debian Linux	=9.0
All of
netapp solidfire baseboard management controller firmware
netapp solidfire baseboard management controller
All of
netapp h410c firmware
netapp h410c
All of
netapp h300s firmware
netapp h300s
All of
NetApp H500S Firmware
netapp h500s
All of
netapp h700s firmware
netapp h700s
All of
netapp h300e firmware
netapp h300e
All of
netapp h500e firmware
netapp h500e
All of
netapp h700e firmware
netapp h700e
All of
netapp h410s firmware
netapp h410s
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.119-1 6.12.10-1 6.12.11-1

Never miss a vulnerability like this again

Reference Links

agent/type
collector/launchpad-cve
source/Launchpad
agent/author
agent/severity
agent/weakness
collector/mitre-cve
source/MITRE
agent/remedy
agent/references
agent/first-publish-date
collector/usn-cve
source/Ubuntu
agent/description
agent/event
agent/last-modified-date
agent/trending
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/softwarecombine
agent/tags
collector/security-tracker-debian
source/Debian
vendor/linux
canonical/linux kernel
version/linux kernel/3.6
version/linux kernel/4.5
version/linux kernel/4.10
version/linux kernel/4.15
version/linux kernel/4.20
version/linux kernel/5.5
version/linux kernel/5.11
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/32
version/fedoraproject fedora/33
version/fedoraproject fedora/34
vendor/netapp
canonical/netapp active iq unified manager vsphere
canonical/netapp cloud backup
canonical/netapp solidfire baseboard management controller firmware
canonical/netapp solidfire baseboard management controller
canonical/netapp h410c firmware
canonical/netapp h410c
canonical/netapp h300s firmware
canonical/netapp h300s
canonical/netapp h500s firmware
canonical/netapp h500s
canonical/netapp h700s firmware
canonical/netapp h700s
canonical/netapp h300e firmware
canonical/netapp h300e
canonical/netapp h500e firmware
canonical/netapp h500e
canonical/netapp h700e firmware
canonical/netapp h700e
canonical/netapp h410s firmware
canonical/netapp h410s
vendor/debian
canonical/debian debian linux
version/debian debian linux/9.0
package-manager/debian

CVE-2020-25670: Use After Free

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact