← Back

CVE-2020-29660

nvd nist
Published: Dec 9, 2020Modified: Nov 21, 2024

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.8 / Impact: 3.6
Source: NVD

Description

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

Affected (13)

Show all products
Linux: Linux Kernel · Fedoraproject: Fedora · Debian: Debian Linux · Netapp: Active Iq Unified Manager, Solidfire Baseboard Management Controller Firmware, H410c Firmware, A700s Firmware, 8300 Firmware, 8700 Firmware, A400 Firmware · Broadcom: Fabric Operating System
Linux
1 product
Linux Kernel
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Netapp
7 products
Active Iq Unified Manager
Solidfire Baseboard Management Controller Firmware
H410c Firmware
A700s Firmware
8300 Firmware
8700 Firmware
A400 Firmware
Broadcom
1 product
Fabric Operating System
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Linux Kernel
Up to 5.9.13
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 32
Fedora
Version 33
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 9.0
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Active Iq Unified Manager
All versions
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Fabric Operating System
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Solidfire Baseboard Management Controller Firmware
All versions
Running on/withPlatform Versions
Netapp
Solidfire Baseboard Management Controller
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410c Firmware
All versions
Running on/withPlatform Versions
Netapp
H410c
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
A700s Firmware
All versions
Running on/withPlatform Versions
Netapp
A700s
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
8300 Firmware
All versions
Running on/withPlatform Versions
Netapp
8300
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
8700 Firmware
All versions
Running on/withPlatform Versions
Netapp
8700
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
A400 Firmware
All versions
Running on/withPlatform Versions
Netapp
A400
All versions

Related CWEs

CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CWE-667
Improper Locking
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References (18)

Source: cve@mitre.org
ExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Mailing ListPatchThird Party Advisory
Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.