Lucene search

K
ubuntuUbuntuUSN-5130-1
HistoryNov 09, 2021 - 12:00 a.m.

Linux kernel vulnerabilities

2021-11-0900:00:00
ubuntu.com
77

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.6%

Releases

  • Ubuntu 14.04 ESM

Packages

  • linux - Linux kernel

Details

Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-
free vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)

Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory).
(CVE-2020-29660)