Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2020-0444: CVE-2020-0444 kernel: bad kfree in auditfilter.c may lead to escalation of privilege (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Red Hat: CVE-2020-0444: CVE-2020-0444 kernel: bad kfree in auditfilter.c may lead to escalation of privilege (Multiple Advisories)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
12/14/2020
Created
02/09/2021
Added
02/08/2021
Modified
12/15/2023

Description

In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel

Solution(s)

  • redhat-upgrade-bpftool
  • redhat-upgrade-bpftool-debuginfo
  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-abi-whitelists
  • redhat-upgrade-kernel-core
  • redhat-upgrade-kernel-cross-headers
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-debug-core
  • redhat-upgrade-kernel-debug-debuginfo
  • redhat-upgrade-kernel-debug-devel
  • redhat-upgrade-kernel-debug-modules
  • redhat-upgrade-kernel-debug-modules-extra
  • redhat-upgrade-kernel-debuginfo
  • redhat-upgrade-kernel-debuginfo-common-s390x
  • redhat-upgrade-kernel-debuginfo-common-x86_64
  • redhat-upgrade-kernel-devel
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-headers
  • redhat-upgrade-kernel-modules
  • redhat-upgrade-kernel-modules-extra
  • redhat-upgrade-kernel-rt
  • redhat-upgrade-kernel-rt-core
  • redhat-upgrade-kernel-rt-debug
  • redhat-upgrade-kernel-rt-debug-core
  • redhat-upgrade-kernel-rt-debug-debuginfo
  • redhat-upgrade-kernel-rt-debug-devel
  • redhat-upgrade-kernel-rt-debug-kvm
  • redhat-upgrade-kernel-rt-debug-modules
  • redhat-upgrade-kernel-rt-debug-modules-extra
  • redhat-upgrade-kernel-rt-debuginfo
  • redhat-upgrade-kernel-rt-debuginfo-common-x86_64
  • redhat-upgrade-kernel-rt-devel
  • redhat-upgrade-kernel-rt-kvm
  • redhat-upgrade-kernel-rt-modules
  • redhat-upgrade-kernel-rt-modules-extra
  • redhat-upgrade-kernel-tools
  • redhat-upgrade-kernel-tools-debuginfo
  • redhat-upgrade-kernel-tools-libs
  • redhat-upgrade-kernel-tools-libs-devel
  • redhat-upgrade-kernel-zfcpdump
  • redhat-upgrade-kernel-zfcpdump-core
  • redhat-upgrade-kernel-zfcpdump-debuginfo
  • redhat-upgrade-kernel-zfcpdump-devel
  • redhat-upgrade-kernel-zfcpdump-modules
  • redhat-upgrade-kernel-zfcpdump-modules-extra
  • redhat-upgrade-kpatch-patch-4_18_0-147_13_2
  • redhat-upgrade-kpatch-patch-4_18_0-147_13_2-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_13_2-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_20_1
  • redhat-upgrade-kpatch-patch-4_18_0-147_20_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_20_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_24_2
  • redhat-upgrade-kpatch-patch-4_18_0-147_24_2-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_24_2-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_27_1
  • redhat-upgrade-kpatch-patch-4_18_0-147_27_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_27_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_32_1
  • redhat-upgrade-kpatch-patch-4_18_0-147_32_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_32_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_34_1
  • redhat-upgrade-kpatch-patch-4_18_0-147_34_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_34_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_38_1
  • redhat-upgrade-kpatch-patch-4_18_0-147_38_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-147_38_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-147_8_1
  • redhat-upgrade-kpatch-patch-4_18_0-193
  • redhat-upgrade-kpatch-patch-4_18_0-193-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_13_2
  • redhat-upgrade-kpatch-patch-4_18_0-193_13_2-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_13_2-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_14_3
  • redhat-upgrade-kpatch-patch-4_18_0-193_14_3-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_14_3-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_19_1
  • redhat-upgrade-kpatch-patch-4_18_0-193_19_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_19_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_1_2
  • redhat-upgrade-kpatch-patch-4_18_0-193_1_2-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_1_2-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_28_1
  • redhat-upgrade-kpatch-patch-4_18_0-193_28_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_28_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_29_1
  • redhat-upgrade-kpatch-patch-4_18_0-193_29_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_29_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_37_1
  • redhat-upgrade-kpatch-patch-4_18_0-193_37_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_37_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_40_1
  • redhat-upgrade-kpatch-patch-4_18_0-193_40_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_40_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_41_1
  • redhat-upgrade-kpatch-patch-4_18_0-193_41_1-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_41_1-debugsource
  • redhat-upgrade-kpatch-patch-4_18_0-193_6_3
  • redhat-upgrade-kpatch-patch-4_18_0-193_6_3-debuginfo
  • redhat-upgrade-kpatch-patch-4_18_0-193_6_3-debugsource
  • redhat-upgrade-perf
  • redhat-upgrade-perf-debuginfo
  • redhat-upgrade-python3-perf
  • redhat-upgrade-python3-perf-debuginfo

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;