First published: Fri Dec 04 2020(Updated: )
A locking issue was discovered in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c which could allow an attacker with a local account to possibly corrupt memory or escalate privileges. Reference and upstream patch: <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc">https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc</a>
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-754.39.1.el6 | 0:2.6.32-754.39.1.el6 |
redhat/kernel-rt | <0:3.10.0-1160.21.1.rt56.1158.el7 | 0:3.10.0-1160.21.1.rt56.1158.el7 |
redhat/kernel-alt | <0:4.14.0-115.35.1.el7a | 0:4.14.0-115.35.1.el7a |
redhat/kernel | <0:3.10.0-1160.21.1.el7 | 0:3.10.0-1160.21.1.el7 |
redhat/kernel | <0:3.10.0-693.87.1.el7 | 0:3.10.0-693.87.1.el7 |
redhat/kernel | <0:3.10.0-957.70.1.el7 | 0:3.10.0-957.70.1.el7 |
redhat/kernel | <0:3.10.0-1062.46.1.el7 | 0:3.10.0-1062.46.1.el7 |
redhat/kernel-rt | <0:4.18.0-240.15.1.rt7.69.el8_3 | 0:4.18.0-240.15.1.rt7.69.el8_3 |
redhat/kernel | <0:4.18.0-240.15.1.el8_3 | 0:4.18.0-240.15.1.el8_3 |
redhat/kernel | <0:4.18.0-147.43.1.el8_1 | 0:4.18.0-147.43.1.el8_1 |
redhat/kernel-rt | <0:4.18.0-193.46.1.rt13.96.el8_2 | 0:4.18.0-193.46.1.rt13.96.el8_2 |
redhat/kernel | <0:4.18.0-193.46.1.el8_2 | 0:4.18.0-193.46.1.el8_2 |
Android | ||
Linux Kernel | >=2.6.26<4.4.248 | |
Linux Kernel | >=4.5<4.9.248 | |
Linux Kernel | >=4.10<4.14.212 | |
Linux Kernel | >=4.15<4.19.163 | |
Linux Kernel | >=4.20<5.4.83 | |
Linux Kernel | >=5.5<5.9.14 | |
Red Hat Fedora | =32 | |
Red Hat Fedora | =33 | |
Debian Linux | =9.0 | |
Debian Linux | =10.0 | |
NetApp Active IQ Unified Manager for VMware vSphere | ||
Broadcom Fabric Operating System | ||
All of | ||
NetApp SolidFire Baseboard Management Controller Firmware | ||
NetApp SolidFire | ||
All of | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
All of | ||
NetApp AFF A700s Firmware | ||
NetApp A700 | ||
All of | ||
NetApp AFF 8300 Firmware | ||
NetApp FAS8300 | ||
All of | ||
NetApp AFF 8700 Firmware | ||
NetApp FAS8700 | ||
All of | ||
NetApp AFF A400 Firmware | ||
NetApp FAS A400 | ||
Oracle Tekelec Platform Distribution | >=7.4.0<=7.7.1 | |
NetApp SolidFire Baseboard Management Controller Firmware | ||
NetApp SolidFire | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
NetApp AFF A700s Firmware | ||
NetApp A700 | ||
NetApp AFF 8300 Firmware | ||
NetApp FAS8300 | ||
NetApp AFF 8700 Firmware | ||
NetApp FAS8700 | ||
NetApp AFF A400 Firmware | ||
NetApp FAS A400 | ||
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2020-29661 is classified as a high severity vulnerability that could allow an attacker to corrupt memory or escalate privileges.
To mitigate CVE-2020-29661, update your Linux kernel to the patched versions provided by your Linux distribution.
CVE-2020-29661 affects multiple versions of the Linux kernel, particularly those prior to the patched releases mentioned in your distribution's advisory.
CVE-2020-29661 is not considered remotely exploitable; it requires local access to the affected system.
Yes, CVE-2020-29661 impacts various distributions including Red Hat, Fedora, and Debian.