Main Vulnerability Database Exploits ID:6648 - Exploit for Operation on a Resource after Expiration or Release in Linux kernel - CVE-2020-25221

ID:6648 - Exploit for Operation on a Resource after Expiration or Release in Linux kernel - CVE-2020-25221

Published: August 23, 2021

Vulnerability identifier: #VU51946

Vulnerability risk: Low

CVE-ID: CVE-2020-25221

CWE-ID: CWE-672

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/star-sg/CVE

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page in get_gate_page() function in mm/gup.c. A local user can trigger refcount underflow and escalate privileges on the system.

Remediation

Install updates from vendor's website.

ID:6648 - Exploit for Operation on a Resource after Expiration or Release in Linux kernel - CVE-2020-25221

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human