what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

CVE-2020-29661

Status Candidate

Overview

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

Related Files

Kernel Live Patch Security Notice LSN-0082-1
Posted Nov 12, 2021
Authored by Benjamin M. Romer

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. Various other vulnerabilities were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux
advisories | CVE-2020-29660, CVE-2020-29661, CVE-2021-3444, CVE-2021-3715
SHA-256 | 4c43b77dc14ec38d515895508c90603e29e4435a67390143e2cb91e68bc70e9d
Ubuntu Security Notice USN-5130-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5130-1 - Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-29660, CVE-2020-29661
SHA-256 | b17505018c4425c9656c7d3f88f088126561b05c8d0305c63f206297d8335a5e
Red Hat Security Advisory 2021-2164-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2164-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19532, CVE-2020-12362, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
SHA-256 | 6bd92923839be99268dd645904847ea0cb5026e7b009c470995448a9af321fd2
Red Hat Security Advisory 2021-1288-01
Posted Apr 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-29661, CVE-2021-20265, CVE-2021-27364, CVE-2021-27365
SHA-256 | 9c60a61a3776daa86b179eb717f96ed14b2dbca64e254ce97ef039b80693d81f
Red Hat Security Advisory 2021-1031-01
Posted Mar 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1031-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-29661
SHA-256 | dab7e6c11b7dd7a505d13e73518f4db6d05575174b70d8c4afff935f08732d27
Red Hat Security Advisory 2021-1028-01
Posted Mar 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1028-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-29661
SHA-256 | 383ae58f9c981bbab2e88b60b1e82c17339625833137f8b6f7aeda3b33dab637
Red Hat Security Advisory 2021-0940-01
Posted Mar 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0940-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-29661
SHA-256 | e4eafc7f5a94df38fbe7e1a726f909953539595501cab7782a4bb7e073355a5a
Red Hat Security Advisory 2021-0878-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0878-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-24394, CVE-2020-25212, CVE-2020-29661
SHA-256 | 6203ce3bcd4afe4ee341f532d73a8b94e8a9011620eccacf0351836cbb394a6e
Red Hat Security Advisory 2021-0857-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0857-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19532, CVE-2020-0427, CVE-2020-14351, CVE-2020-25211, CVE-2020-25645, CVE-2020-25656, CVE-2020-25705, CVE-2020-28374, CVE-2020-29661, CVE-2020-7053, CVE-2021-20265
SHA-256 | 52b1ba89ad5b5b01bc9fbbc0c26885b43edd807f81c5a3811079118a010cfd3f
Red Hat Security Advisory 2021-0856-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0856-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19532, CVE-2020-0427, CVE-2020-14351, CVE-2020-25211, CVE-2020-25645, CVE-2020-25656, CVE-2020-25705, CVE-2020-28374, CVE-2020-29661, CVE-2020-7053, CVE-2021-20265
SHA-256 | 848127b0ce6b0e3e3f3e313979c52ece03f0429de6169b74b851dff3a01ddcda
Red Hat Security Advisory 2021-0862-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0862-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-28374, CVE-2020-29661
SHA-256 | 688615d8f7804efc14b56620f418150b23675228da2b445c0a1ffdcbe74b0769
Red Hat Security Advisory 2021-0765-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0765-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
SHA-256 | 9d5ae1d8d35b1a5772b263eafd110e715d046cae9a1abd6d52ad704d4a354def
Red Hat Security Advisory 2021-0774-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0774-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25211, CVE-2020-25705, CVE-2020-29661
SHA-256 | 82b19c04725220a375efdb20cf793f37f28706b4844b1bad216d068f80b9049c
Red Hat Security Advisory 2021-0763-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0763-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-25211, CVE-2020-29661
SHA-256 | d6c4f4cc417345c363ac874284e3855077ba8015e9d80c87432d7dd4935b704e
Red Hat Security Advisory 2021-0719-01
Posted Mar 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0719-01 - Red Hat Advanced Cluster Management for Kubernetes 2.0.8 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve some security issues and bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2020-14351, CVE-2020-15436, CVE-2020-25705, CVE-2020-29661, CVE-2020-35513, CVE-2021-20230, CVE-2021-3121
SHA-256 | 2f14cab81d5c42464f47e9dcf7d3143a48bb175a76c4d60fed61e7817dcce904
Red Hat Security Advisory 2021-0686-01
Posted Mar 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0686-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-14351, CVE-2020-25705, CVE-2020-29661
SHA-256 | 4346ebd283d83e7d5a258dd32e08f2db58345e7ac7f7af3ef8145d22b4570608
Red Hat Security Advisory 2021-0689-01
Posted Mar 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0689-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-0444, CVE-2020-29661
SHA-256 | 6201a82d0790a7c15b56eca2f83705511ee46b4f53eab07dff124a7d2d5ecbe8
Debian Security Advisory 4843-1
Posted Feb 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4843-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2020-27815, CVE-2020-27825, CVE-2020-27830, CVE-2020-28374, CVE-2020-29568, CVE-2020-29569, CVE-2020-29660, CVE-2020-29661, CVE-2020-36158, CVE-2021-20177, CVE-2021-3347
SHA-256 | b63fae8d21eadd6fb015db055e5e8e2055c3653fa769dcd8d9d46a56af24ab72
Ubuntu Security Notice USN-4752-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4752-1 - Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-10135, CVE-2020-14314, CVE-2020-15436, CVE-2020-15437, CVE-2020-24490, CVE-2020-25212, CVE-2020-25284, CVE-2020-25641, CVE-2020-25643, CVE-2020-25704, CVE-2020-27152, CVE-2020-27815, CVE-2020-28588, CVE-2020-28915, CVE-2020-29368, CVE-2020-29369, CVE-2020-29371, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508
SHA-256 | 9d423aca91d7f1b70463a45e888e4c441f17d4136f7beccf8bf581dc633b7a2e
Ubuntu Security Notice USN-4751-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4751-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-25656, CVE-2020-25668, CVE-2020-25669, CVE-2020-25704, CVE-2020-27673, CVE-2020-27675, CVE-2020-27777, CVE-2020-27815, CVE-2020-27830, CVE-2020-27835, CVE-2020-28588, CVE-2020-28974, CVE-2020-29568, CVE-2020-29569, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508
SHA-256 | e9d3e10fdaf8851fce0f2b40b30eae653fe05a491bcde750907baec6b6f2532b
Ubuntu Security Notice USN-4750-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4750-1 - Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-25669, CVE-2020-27815, CVE-2020-28588, CVE-2020-28941, CVE-2020-29568, CVE-2020-29569, CVE-2020-29660, CVE-2020-29661, CVE-2021-20177
SHA-256 | 244b492047de3dfc8cbaec49a7d3d8b2fa1ece0ca9975986a3b9ca7800cd6c3a
Ubuntu Security Notice USN-4749-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4749-1 - Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-25669, CVE-2020-27815, CVE-2020-29374, CVE-2020-29568, CVE-2020-29569, CVE-2020-29660, CVE-2020-29661
SHA-256 | c63a6b0b35b3e71cc0cb6d6b81c4d7a6309dedb3ea47cd82b05b2a4b24f23b48
Ubuntu Security Notice USN-4748-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4748-1 - It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27815, CVE-2020-29374, CVE-2020-29568, CVE-2020-29660, CVE-2020-29661
SHA-256 | d67736e2a88e2a48fdcc199d6274d2ea8c794a2e8d9ad3c1542bb81b35eb62ea
Red Hat Security Advisory 2021-0558-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0558-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-25705, CVE-2020-29661
SHA-256 | 7283785eaa933b306c1724231dee042628d834e4720063f7b151d6119cbe24fa
Red Hat Security Advisory 2021-0537-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0537-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-14351, CVE-2020-25705, CVE-2020-29661
SHA-256 | b771926c5d71d88a97d82d3499e15c5dd8e405c9a5899cdca21ddf8ce43e2fc3
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close