QwikSec

Security Database

CVE

CWE

Training

CVE-2019-20794

Published: May 9, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/sargun/fuse-example

x_refsource_MISC

https://sourceforge.net/p/fuse/mailman/message/36598753/

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200608-0001/

x_refsource_CONFIRM

[oss-security] 20200824 CVE-2019-20794 kernel: task processes not being properly ended could lead to resource exhaustion

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.