Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
References
Link | Resource |
---|---|
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695 | Patch Third Party Advisory |
https://launchpad.net/bugs/1883840 | Issue Tracking Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html | Third Party Advisory |
https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza%40canonical.com/T/ | |
https://security.netapp.com/advisory/ntap-20210304-0006/ | Third Party Advisory |
https://ubuntu.com/USN-4576-1 | Third Party Advisory |
https://ubuntu.com/USN-4577-1 | Third Party Advisory |
https://ubuntu.com/USN-4578-1 | Third Party Advisory |
https://ubuntu.com/USN-4579-1 | Third Party Advisory |
https://ubuntu.com/USN-4580-1 | Third Party Advisory |
https://www.debian.org/security/2021/dsa-4978 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
01 Jan 2022, 18:13
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html - Third Party Advisory |
17 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Nov 2021, 19:53
Type | Values Removed | Values Added |
---|---|---|
References | (DEBIAN) https://www.debian.org/security/2021/dsa-4978 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
16 Oct 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Sep 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2021-01-14 01:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-16119
Mitre link : CVE-2020-16119
CVE.ORG link : CVE-2020-16119
JSON object : View
Products Affected
canonical
- ubuntu_linux
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-416
Use After Free