SB2020091031 - Privilege escalation in Linux kernel



Published: September 10, 2020 Updated: August 23, 2021

Security Bulletin ID: SB2020091031
Severity: Low
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Operation on a Resource after Expiration or Release (CVE-ID: CVE-2020-25221)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page in the get_gate_page() function in mm/gup.c. A local user can trigger a refcount underflow and escalate privileges on the system.


Remediation

Install the update from the vendor's website.