CVE-2020-29661

7.8HIGH

Key Information

Vendor: Linux
Status: Linux Kernel
Vendor: CVE Published:; 9 December 2020

👾 Exploit Exists

Summary

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/...

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2020/12/10/1

mailing-listx_refsource_MLIST

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Sep 20, 2024
👾
Exploit known to exist
Sep 20, 2024
Vulnerability published
Dec 9, 2020
Vulnerability Reserved
Dec 9, 2020

Collectors

NVD DatabaseMitre Database0 Proof of Concept(s)