Back to search
CVE-2020-25669
Published: May 26, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
| Vendor | Product | Versions |
|---|---|---|
n/a | Linux Kernel | affected 5.9.4 |
Weaknesses (CWE)
References
[oss-security] 20201105 CVE-2020-25669: Linux Kernel use-after-free in sunkbd_reinit
mailing-list
x_refsource_MLIST
[oss-security] 20201120 Re: CVE-2020-25669: Linux Kernel use-after-free in sunkbd_reinit
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
mailing-list
x_refsource_MLIST
https://www.openwall.com/lists/oss-security/2020/11/05/2%2C
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2020/11/20/5%2C
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20210702-0006/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now