APPLIED: [PATCH 0/1] [SRU f/linux-oem-5.6] CVE-2020-0423
Tim Gardner
tim.gardner at canonical.com
Fri Mar 19 16:56:55 UTC 2021
Applied to focal/linux-oem-5.6-next. Thanks.
-rtg
On 3/10/21 7:23 AM, Tim Gardner wrote:
> [Impact]
> In binder_release_work of binder.c, there is a possible use-after-free due to
> improper locking. This could lead to local escalation of privilege in the
> kernel with no additional execution privileges needed. User interaction is
> not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
> ID: A-161151868References: N/A
>
> From the Ubuntu security team:
> It was discovered that a race condition existed in the binder IPC implementation
> in the Linux kernel, leading to a use-after-free vulnerability. A local
> attacker could use this to cause a denial of service (system crash) or possibly
> execute arbitrary code.
>
> [Test Case]
> None
>
> [Potential regression]
> This patch has been released in
> linux-4.14.y
> linux-4.19.y
> linux-5.4.y
> linux-5.8.y
> linux-5.9.y
>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list