vulnerability
SUSE: CVE-2020-25669: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | 2020-11-23 | 2020-11-27 | 2022-02-04 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
2020-11-23
Added
2020-11-27
Modified
2022-02-04
Description
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
Solution(s)
suse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-docssuse-upgrade-kernel-obs-build
References
- SUSE-SUSE-SU-2020:3484-1
- SUSE-SUSE-SU-2020:3713-1
- SUSE-SUSE-SU-2020:3715-1
- SUSE-SUSE-SU-2020:3717-1
- SUSE-SUSE-SU-2020:3718-1
- SUSE-SUSE-SU-2020:3748-1
- SUSE-SUSE-SU-2020:3764-1
- SUSE-SUSE-SU-2020:3766-1
- SUSE-SUSE-SU-2020:3798-1
- SUSE-SUSE-SU-2021:0434-1
- SUSE-SUSE-SU-2021:0437-1
- SUSE-SUSE-SU-2021:0438-1
- SUSE-SUSE-SU-2021:0452-1
- SUSE-SUSE-SU-2021:14630-1
- NVD-CVE-2020-25669
- UBUNTU-USN-4708-1
- UBUNTU-USN-4709-1
- UBUNTU-USN-4749-1
- UBUNTU-USN-4750-1
- UBUNTU-USN-4751-1
- UBUNTU-USN-4912-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.