CVE-2020-7053

Published: Jan 14, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.

Affected (3)

Products: Linux: Linux Kernel

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.14 to 4.14.165
Linux Linux Kernel	From 4.19 to 4.19.96
Linux Linux Kernel	From 5.0 to 5.2

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (24)

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html

Source: cve@mitre.org

http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html

Source: cve@mitre.org

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522

Source: cve@mitre.org

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2

Source: cve@mitre.org

Third Party Advisory

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7dc40713618c884bf07c030d1ab1f47a9dc1f310

Source: cve@mitre.org

PatchThird Party Advisory

https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks%40canonical.com

Source: cve@mitre.org

https://security.netapp.com/advisory/ntap-20200204-0002/

Source: cve@mitre.org

https://usn.ubuntu.com/4255-1/

Source: cve@mitre.org

https://usn.ubuntu.com/4255-2/

Source: cve@mitre.org

https://usn.ubuntu.com/4285-1/

Source: cve@mitre.org

https://usn.ubuntu.com/4287-1/

Source: cve@mitre.org

https://usn.ubuntu.com/4287-2/

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7dc40713618c884bf07c030d1ab1f47a9dc1f310

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks%40canonical.com

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20200204-0002/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4255-1/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4255-2/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4285-1/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4287-1/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4287-2/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.