CVE-2020-16119 DCCP CCID structure use-after-free

2020-10-1300:00:00

CWE-416

canonical

www.cve.org

6.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

CNA Affected

[
  {
    "product": "Linux kernel",
    "vendor": "Canonical",
    "versions": [
      {
        "lessThan": "5.4.0-51.56",
        "status": "affected",
        "version": "5.4 kernel",
        "versionType": "custom"
      },
      {
        "lessThan": "5.3.0-68.63",
        "status": "affected",
        "version": "5.3 kernel",
        "versionType": "custom"
      },
      {
        "lessThan": "4.15.0-121.123",
        "status": "affected",
        "version": "4.15 kernel",
        "versionType": "custom"
      },
      {
        "lessThan": "4.4.0-193.224",
        "status": "affected",
        "version": "4.4 kernel",
        "versionType": "custom"
      },
      {
        "lessThan": "3.13.0.182.191",
        "status": "affected",
        "version": "3.13 kernel",
        "versionType": "custom"
      },
      {
        "lessThan": "3.2.0-149.196",
        "status": "affected",
        "version": "3.2 kernel",
        "versionType": "custom"
      }
    ]
  }
]