Lucene search

K
cvelistMitreCVELIST:CVE-2020-12826
HistoryMay 12, 2020 - 6:58 p.m.

CVE-2020-12826

2020-05-1218:58:48
mitre
www.cve.org
5

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.