QwikSec

Security Database

CVE

CWE

Training

CVE-2020-35508

Published: Mar 26, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.

Vendor	Product	Versions
n/a	kernel	affected `kernel 5.12`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1902724

x_refsource_MISC

https://github.com/torvalds/linux/commit/b4e00444cab4c3f3fec876dc0cccc8cbb0d1a948

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210513-0006/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.