ALT-PU-2020-3223-1
Package kernel-image-un-def updated to version 5.9.6-alt1 for branch sisyphus in task 261122.
Closed vulnerabilities
Published: 2020-10-28
BDU:2020-05831
Уязвимость ядра операционной системы Linux, связанная с использованием памяти после её освобождения, позволяющая нарушителю раскрыть защищаемую информацию
Severity: MEDIUM (4.1)
Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-12-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-25656
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.
Severity: MEDIUM (4.1)
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1888726
- https://bugzilla.redhat.com/show_bug.cgi?id=1888726
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- https://lkml.org/lkml/2020/10/16/84
- https://lkml.org/lkml/2020/10/16/84
- https://lkml.org/lkml/2020/10/29/528
- https://lkml.org/lkml/2020/10/29/528
- https://www.starwindsoftware.com/security/sw-20210325-0006/
- https://www.starwindsoftware.com/security/sw-20210325-0006/