A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
http://www.openwall.com/lists/oss-security/2020/12/10/1
https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
Source: MITRE
Published: 2020-12-09
Updated: 2021-03-09
Type: CWE-667
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
Base Score: 4.4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 0.8
Severity: MEDIUM
OR
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 5.9.13 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
148550 | Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9038) | Nessus | Oracle Linux Local Security Checks | high |
148549 | Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9037) | Nessus | Oracle Linux Local Security Checks | high |
148041 | EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-1684) | Nessus | Huawei Local Security Checks | high |
148009 | Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4750-1) | Nessus | Ubuntu Local Security Checks | high |
147983 | Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4749-1) | Nessus | Ubuntu Local Security Checks | high |
147982 | Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4752-1) | Nessus | Ubuntu Local Security Checks | high |
147978 | Ubuntu 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4751-1) | Nessus | Ubuntu Local Security Checks | high |
147975 | Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4748-1) | Nessus | Ubuntu Local Security Checks | high |
147690 | EulerOS : kernel (EulerOS-SA-2021-1642) | Nessus | Huawei Local Security Checks | high |
147588 | EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1386) | Nessus | Huawei Local Security Checks | high |
147532 | Debian DLA-2586-1 : linux security update | Nessus | Debian Local Security Checks | high |
147512 | EulerOS : kernel (EulerOS-SA-2021-1604) | Nessus | Huawei Local Security Checks | high |
146701 | EulerOS 2.0 SP2 : kernel (EulerOS-SA-2021-1311) | Nessus | Huawei Local Security Checks | high |
146512 | Debian DLA-2557-1 : linux-4.19 security update | Nessus | Debian Local Security Checks | high |
146511 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1) | Nessus | SuSE Local Security Checks | high |
146476 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0437-1) | Nessus | SuSE Local Security Checks | high |
146474 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1) | Nessus | SuSE Local Security Checks | high |
146470 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0434-1) | Nessus | SuSE Local Security Checks | high |
146401 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0408-1) | Nessus | SuSE Local Security Checks | high |
146300 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9035) | Nessus | Oracle Linux Local Security Checks | high |
146299 | Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9039) | Nessus | Oracle Linux Local Security Checks | high |
146282 | openSUSE Security Update : RT kernel (openSUSE-2021-242) | Nessus | SuSE Local Security Checks | high |
146248 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0005) | Nessus | OracleVM Local Security Checks | high |
146096 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9030) | Nessus | Oracle Linux Local Security Checks | high |
146052 | Debian DSA-4843-1 : linux - security update | Nessus | Debian Local Security Checks | high |
145726 | EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1148) | Nessus | Huawei Local Security Checks | high |
145458 | Amazon Linux AMI : kernel (ALAS-2021-1477) | Nessus | Amazon Linux Local Security Checks | high |
145456 | Amazon Linux 2 : kernel (ALAS-2021-1588) | Nessus | Amazon Linux Local Security Checks | high |
145320 | openSUSE Security Update : the Linux Kernel (openSUSE-2021-60) | Nessus | SuSE Local Security Checks | high |
145287 | openSUSE Security Update : the Linux Kernel (openSUSE-2021-75) | Nessus | SuSE Local Security Checks | high |
145201 | EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-1079) | Nessus | Huawei Local Security Checks | high |
145120 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0133-1) | Nessus | SuSE Local Security Checks | high |
145025 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0117-1) | Nessus | SuSE Local Security Checks | high |
145018 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0118-1) | Nessus | SuSE Local Security Checks | high |
144959 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0108-1) | Nessus | SuSE Local Security Checks | high |
144914 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0098-1) | Nessus | SuSE Local Security Checks | high |
144908 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0095-1) | Nessus | SuSE Local Security Checks | high |
144902 | Photon OS 3.0: Linux PHSA-2021-3.0-0182 | Nessus | PhotonOS Local Security Checks | high |
144891 | Photon OS 2.0: Linux PHSA-2021-2.0-0308 | Nessus | PhotonOS Local Security Checks | high |
144693 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1028) | Nessus | Huawei Local Security Checks | high |
144687 | EulerOS : kernel (EulerOS-SA-2021-1009) | Nessus | Huawei Local Security Checks | high |
144519 | Photon OS 1.0: Linux PHSA-2020-1.0-0350 | Nessus | PhotonOS Local Security Checks | high |
144362 | Fedora 32 : kernel (2020-bc0cc81a7a) | Nessus | Fedora Local Security Checks | high |
144342 | Fedora 33 : kernel (2020-b732958765) | Nessus | Fedora Local Security Checks | high |