DCCP CCID structure use-after-free
CVE-2020-16119

6.3MEDIUM

Key Information:

Vendor: Canonical
Status: Linux Kernel
Vendor: CVE Published:; 14 January 2021

Summary

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

Affected Version(s)

Linux kernel 5.4 kernel < 5.4.0-51.56

Linux kernel 5.3 kernel < 5.3.0-68.63

Linux kernel 4.15 kernel < 4.15.0-121.123

References

https://launchpad.net/bugs/1883840

vendor-advisoryx_refsource_UBUNTU

https://ubuntu.com/USN-4576-1

vendor-advisoryx_refsource_UBUNTU

https://ubuntu.com/USN-4577-1

vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 14, 2021
Vulnerability Reserved
Jul 29, 2020

Credit

Hador Manor

.