CVE-2020-36387

Published: Jun 7, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.2

x_refsource_MISC

https://syzkaller.appspot.com/bug?id=ce5f07d6ec3b5050b8f0728a3b389aa510f2591b

x_refsource_MISC

https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-io_async_task_func

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d816e088c359866f9867057e04f244c608c42fe

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210727-0006/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-36387

Description

Affected Products

References