CVE 2020-0423
In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Related bugs and status
CVE-2020-0423 (Candidate) is related to these bugs:
Bug #1909647: xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases
Bug #1919147: ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6
Bug | Summary | In | Importance | Status
---|---|---|---|---
1919147 | ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 | ubuntu-kernel-tests | Undecided | Fix Released
1919147 | ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 | linux-oem-5.6 (Ubuntu) | Undecided | Invalid
1919147 | ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 | linux-oem-5.6 (Ubuntu Focal) | Undecided | Fix Released
Bug #1919277: l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6
Bug | Summary | In | Importance | Status
---|---|---|---|---
1919277 | l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 | linux-oem-5.6 (Ubuntu) | Undecided | Invalid
1919277 | l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 | ubuntu-kernel-tests | Undecided | Fix Released
1919277 | l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 | linux-oem-5.6 (Ubuntu Focal) | Undecided | Fix Released
Bug #1921042: focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker
Bug | Summary | In | Importance | Status
---|---|---|---|---
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow kernel-signoff | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-lrm | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | linux-oem-5.6 (Ubuntu Focal) | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-lrs | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-lrg | Medium | Fix Released
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Fix Released
See the CVE page on Mitre.org for more details.