Launchpad.net

CVE 2020-0466

In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel

Related bugs and status

CVE-2020-0466 (Candidate) is related to these bugs:

Bug #1909647: xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases

		In	Importance	Status
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	ubuntu-kernel-tests	Undecided	Fix Released
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux (Ubuntu)	Undecided	Fix Released
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux (Ubuntu Groovy)	Undecided	Fix Released
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux (Ubuntu Hirsute)	Undecided	Fix Released
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux (Ubuntu Bionic)	Undecided	Invalid
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux (Ubuntu Focal)	Undecided	Fix Released
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux-oem-5.6 (Ubuntu)	Undecided	Invalid
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux-oem-5.6 (Ubuntu Bionic)	Undecided	Invalid
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux-oem-5.6 (Ubuntu Focal)	Undecided	Fix Released
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux-oem-5.6 (Ubuntu Groovy)	Undecided	Invalid
1909647	xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases	linux-oem-5.6 (Ubuntu Hirsute)	Undecided	Invalid

Bug #1919147: ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6

		In	Importance	Status
1919147	ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6	ubuntu-kernel-tests	Undecided	Fix Released
1919147	ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6	linux-oem-5.6 (Ubuntu)	Undecided	Invalid
1919147	ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6	linux-oem-5.6 (Ubuntu Focal)	Undecided	Fix Released

Bug #1919277: l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6

		In	Importance	Status
1919277	l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6	linux-oem-5.6 (Ubuntu)	Undecided	Invalid
1919277	l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6	ubuntu-kernel-tests	Undecided	Fix Released
1919277	l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6	linux-oem-5.6 (Ubuntu Focal)	Undecided	Fix Released

Bug #1921042: focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker

		In	Importance	Status
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow kernel-signoff	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow prepare-package-lrm	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Invalid
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	linux-oem-5.6 (Ubuntu Focal)	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow prepare-package-lrs	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow prepare-package-lrg	Medium	Fix Released
1921042	focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker	Kernel SRU Workflow promote-signing-to-proposed	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://source.android...