Details of VAR-202012-1546

ID

VAR-202012-1546

CVE

CVE-2020-29661

TITLE

Linux Kernel resource locking vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-014190

DESCRIPTION

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. Linux Kernel contains a resource locking vulnerability and a freed memory usage vulnerability. Vendors must CID-54ffccbf053b It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. 8.1) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. 7) - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update to the latest RHEL7.9.z4 source tree (BZ#1917909) 4. Description: Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [Hyper-V][RHEL-8] Request to included a commit that adds a timeout to vmbus_wait_for_unload (BZ#1913530) * [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap (BZ#1929908) * rpmbuild cannot build the userspace RPMs in the kernel package when the kernel itself is not built (BZ#1929912) 4. 6 ELS) - i386, s390x, x86_64 3. Bug Fix(es): * Enable CI and changelog for GitLab workflow (BZ#1930523) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:0878-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0878 Issue date: 2021-03-16 CVE Names: CVE-2020-14351 CVE-2020-24394 CVE-2020-25212 CVE-2020-29661 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661) * kernel: performance counters race condition use-after-free (CVE-2020-14351) * kernel: umask not applied on filesystem without ACL support (CVE-2020-24394) * kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels (BZ#1919144) * Enable CI and changelog for GitLab workflow (BZ#1930931) Enhancement(s): * [Cavium 7.7 Feat] qla2xxx: Update to latest upstream. (BZ#1918534) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1862849 - CVE-2020-14351 kernel: performance counters race condition use-after-free 1869141 - CVE-2020-24394 kernel: umask not applied on filesystem without ACL support 1877575 - CVE-2020-25212 kernel: TOCTOU mismatch in the NFS client code 1906525 - CVE-2020-29661 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.6): Source: kernel-3.10.0-957.70.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.70.1.el7.noarch.rpm kernel-doc-3.10.0-957.70.1.el7.noarch.rpm x86_64: bpftool-3.10.0-957.70.1.el7.x86_64.rpm kernel-3.10.0-957.70.1.el7.x86_64.rpm kernel-debug-3.10.0-957.70.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.70.1.el7.x86_64.rpm kernel-devel-3.10.0-957.70.1.el7.x86_64.rpm kernel-headers-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.70.1.el7.x86_64.rpm perf-3.10.0-957.70.1.el7.x86_64.rpm perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm python-perf-3.10.0-957.70.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6): x86_64: kernel-debug-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.70.1.el7.x86_64.rpm perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.6): Source: kernel-3.10.0-957.70.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.70.1.el7.noarch.rpm kernel-doc-3.10.0-957.70.1.el7.noarch.rpm ppc64: kernel-3.10.0-957.70.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-957.70.1.el7.ppc64.rpm kernel-debug-3.10.0-957.70.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-957.70.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-957.70.1.el7.ppc64.rpm kernel-devel-3.10.0-957.70.1.el7.ppc64.rpm kernel-headers-3.10.0-957.70.1.el7.ppc64.rpm kernel-tools-3.10.0-957.70.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-957.70.1.el7.ppc64.rpm perf-3.10.0-957.70.1.el7.ppc64.rpm perf-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm python-perf-3.10.0-957.70.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm ppc64le: kernel-3.10.0-957.70.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debug-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.70.1.el7.ppc64le.rpm kernel-devel-3.10.0-957.70.1.el7.ppc64le.rpm kernel-headers-3.10.0-957.70.1.el7.ppc64le.rpm kernel-tools-3.10.0-957.70.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-957.70.1.el7.ppc64le.rpm perf-3.10.0-957.70.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm python-perf-3.10.0-957.70.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm s390x: kernel-3.10.0-957.70.1.el7.s390x.rpm kernel-debug-3.10.0-957.70.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-957.70.1.el7.s390x.rpm kernel-debug-devel-3.10.0-957.70.1.el7.s390x.rpm kernel-debuginfo-3.10.0-957.70.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-957.70.1.el7.s390x.rpm kernel-devel-3.10.0-957.70.1.el7.s390x.rpm kernel-headers-3.10.0-957.70.1.el7.s390x.rpm kernel-kdump-3.10.0-957.70.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-957.70.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-957.70.1.el7.s390x.rpm perf-3.10.0-957.70.1.el7.s390x.rpm perf-debuginfo-3.10.0-957.70.1.el7.s390x.rpm python-perf-3.10.0-957.70.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.s390x.rpm x86_64: bpftool-3.10.0-957.70.1.el7.x86_64.rpm kernel-3.10.0-957.70.1.el7.x86_64.rpm kernel-debug-3.10.0-957.70.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.70.1.el7.x86_64.rpm kernel-devel-3.10.0-957.70.1.el7.x86_64.rpm kernel-headers-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.70.1.el7.x86_64.rpm perf-3.10.0-957.70.1.el7.x86_64.rpm perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm python-perf-3.10.0-957.70.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.6): ppc64: kernel-debug-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-957.70.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-957.70.1.el7.ppc64.rpm perf-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.ppc64.rpm ppc64le: kernel-debug-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.70.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-957.70.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.70.1.el7.x86_64.rpm perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.70.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-14351 https://access.redhat.com/security/cve/CVE-2020-24394 https://access.redhat.com/security/cve/CVE-2020-25212 https://access.redhat.com/security/cve/CVE-2020-29661 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFDHTtzjgjWX9erEAQgMwRAAmciGnGTaC97k1bJgX42n8dc4yATy5Arr rkG9GV0fuZyA0K3NTQHzXzUxmUZmqpIw08g3hvnzsUCkaHcLCcfby7EvIS4MPASE flN5JCjKqHBqIEVrXW+s+shnjiUU3TP0QyN3t5TzuosxAwfq8tW0YDpfY/0o/v32 bdlRxBOX5dakNO6mj40tAEmGHZmHglJqYpGFSnGavE0Y2KQHJPHpsNFYBa77Cb9I /EzJfdLcXLgJGroMcWLaY3G2qCbI47cJI/Mln5spEzPd3ZuZfagCIPiBNtlNJngx QXgRaN3KdzGrMDjS0EJTdOVhUn65jLinYiNh6XSShpzRCtKKRPeeTKKetj5pt4J6 cKvAP4bGmri+F+tHJskP/zOTda2TPOXx8a/nzUlsXz1WjC74wN+emcoZuQZelZqd 5Eqr5lsQieTOBkQj7l4nIemwalrFi9l5RUhQNHZ44D85oAKgrqa8xxsvH5Hh9N3z TCavuEWFSl7ThIJsjgff8D8poJgs1wfOzBadzam3scZiTOFN5HG6aUNntInqGQSp dsTmaSTp8aE41Qrk9+J5X//CN2t815LMVhcqn33gn3kIWSBBdrVA5/jQuF/gzGN0 zAF7YoQYnJv8+JjKKF8SyR7gkH1irgXoT/K0SLELJzzDYzaLNqab+5/iPhMiW0Cx yxBTk0suqaE= =c0qF -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-4748-1 February 25, 2021 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to possibly cause a denial of service (system crash). A local attacker could possibly use this to gain unintended write access to read-only memory pages. (CVE-2020-29374) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: linux-image-4.4.0-1088-kvm 4.4.0-1088.97 linux-image-4.4.0-1122-aws 4.4.0-1122.136 linux-image-4.4.0-1146-raspi2 4.4.0-1146.156 linux-image-4.4.0-1150-snapdragon 4.4.0-1150.160 linux-image-4.4.0-203-generic 4.4.0-203.235 linux-image-4.4.0-203-generic-lpae 4.4.0-203.235 linux-image-4.4.0-203-lowlatency 4.4.0-203.235 linux-image-4.4.0-203-powerpc-e500mc 4.4.0-203.235 linux-image-4.4.0-203-powerpc-smp 4.4.0-203.235 linux-image-4.4.0-203-powerpc64-emb 4.4.0-203.235 linux-image-4.4.0-203-powerpc64-smp 4.4.0-203.235 linux-image-aws 4.4.0.1122.127 linux-image-generic 4.4.0.203.209 linux-image-generic-lpae 4.4.0.203.209 linux-image-kvm 4.4.0.1088.86 linux-image-lowlatency 4.4.0.203.209 linux-image-powerpc-e500mc 4.4.0.203.209 linux-image-powerpc-smp 4.4.0.203.209 linux-image-powerpc64-emb 4.4.0.203.209 linux-image-powerpc64-smp 4.4.0.203.209 linux-image-raspi2 4.4.0.1146.146 linux-image-snapdragon 4.4.0.1150.142 linux-image-virtual 4.4.0.203.209 Ubuntu 14.04 ESM: linux-image-4.4.0-1086-aws 4.4.0-1086.90 linux-image-4.4.0-203-generic 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-generic-lpae 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-lowlatency 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc-e500mc 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc-smp 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc64-emb 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc64-smp 4.4.0-203.235~14.04.1 linux-image-aws 4.4.0.1086.83 linux-image-generic-lpae-lts-xenial 4.4.0.203.177 linux-image-generic-lts-xenial 4.4.0.203.177 linux-image-lowlatency-lts-xenial 4.4.0.203.177 linux-image-powerpc-e500mc-lts-xenial 4.4.0.203.177 linux-image-powerpc-smp-lts-xenial 4.4.0.203.177 linux-image-powerpc64-emb-lts-xenial 4.4.0.203.177 linux-image-powerpc64-smp-lts-xenial 4.4.0.203.177 linux-image-virtual-lts-xenial 4.4.0.203.177 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well

Trust: 2.52

sources: NVD: CVE-2020-29661 // JVNDB: JVNDB-2020-014190 // VULMON: CVE-2020-29661 // PACKETSTORM: 161607 // PACKETSTORM: 161835 // PACKETSTORM: 162130 // PACKETSTORM: 161609 // PACKETSTORM: 162253 // PACKETSTORM: 161837 // PACKETSTORM: 161710 // PACKETSTORM: 161551 // PACKETSTORM: 161823

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	gte	version:	5.5	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	33	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.4.248	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.15	Trust: 1.0
vendor:	netapp	model:	8300	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	2.6.26	Trust: 1.0
vendor:	netapp	model:	a400	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.5	Trust: 1.0
vendor:	netapp	model:	a700s	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	tekelec platform distribution	scope:	gte	version:	7.4.0	Trust: 1.0
vendor:	broadcom	model:	fabric operating system	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.9.248	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.10	Trust: 1.0
vendor:	oracle	model:	tekelec platform distribution	scope:	lte	version:	7.7.1	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h410c	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	active iq unified manager	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.14.212	Trust: 1.0
vendor:	netapp	model:	8700	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.9.14	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	32	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.19.163	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.20	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.4.83	Trust: 1.0
vendor:	linux	model:	kernel	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-014190 // NVD: CVE-2020-29661

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-29661
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-29661
value:	HIGH
Trust: 0.8
VULMON:	CVE-2020-29661
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-29661
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2020-29661
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2020-29661
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2020-29661 // JVNDB: JVNDB-2020-014190 // NVD: CVE-2020-29661

PROBLEMTYPE DATA

problemtype:	CWE-667	Trust: 1.0
problemtype:	CWE-416	Trust: 1.0
problemtype:	Use of freed memory (CWE-416) [NVD evaluation ]	Trust: 0.8
problemtype:	improper lock (CWE-667) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-014190 // NVD: CVE-2020-29661

THREAT TYPE

local

Trust: 0.1

sources: PACKETSTORM: 161551

TYPE

overflow

Trust: 0.3

sources: PACKETSTORM: 161835 // PACKETSTORM: 162253 // PACKETSTORM: 161710

PATCH

title:	Fix ->pgrp locking in tiocspgrp()	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/	Trust: 0.8
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210537 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-alt security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210354 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210558 - Security Advisory	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-29661 log	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-032	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-032	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-031	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-031	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-034	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-034	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-033	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-033	Trust: 0.1
title:	IBM: Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=d39f316392b1adf4ca22f6ef041af00f	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2021-1477	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1477	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.4-2022-019	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-019	Trust: 0.1
title:	Debian Security Advisories: DSA-4843-1 linux -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=b95030247235becf9e017bec31e9d503	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1588	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1588	Trust: 0.1
title:	IBM: Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e9d6f12dfd14652e2bb7e5c28ded162b	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	https://github.com/lcatro/cve_diff_checker	url:	https://github.com/lcatro/cve_diff_checker	Trust: 0.1
title:	veracode-container-security-finding-parser	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1

sources: VULMON: CVE-2020-29661 // JVNDB: JVNDB-2020-014190

EXTERNAL IDS

db:	NVD	id:	CVE-2020-29661	Trust: 3.6
db:	OPENWALL	id:	OSS-SECURITY/2020/12/10/1	Trust: 1.9
db:	PACKETSTORM	id:	160681	Trust: 1.1
db:	PACKETSTORM	id:	164950	Trust: 1.1
db:	ICS CERT	id:	ICSA-24-074-07	Trust: 0.8
db:	JVN	id:	JVNVU93656033	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-014190	Trust: 0.8
db:	VULMON	id:	CVE-2020-29661	Trust: 0.1
db:	PACKETSTORM	id:	161607	Trust: 0.1
db:	PACKETSTORM	id:	161835	Trust: 0.1
db:	PACKETSTORM	id:	162130	Trust: 0.1
db:	PACKETSTORM	id:	161609	Trust: 0.1
db:	PACKETSTORM	id:	162253	Trust: 0.1
db:	PACKETSTORM	id:	161837	Trust: 0.1
db:	PACKETSTORM	id:	161710	Trust: 0.1
db:	PACKETSTORM	id:	161551	Trust: 0.1
db:	PACKETSTORM	id:	161823	Trust: 0.1

sources: VULMON: CVE-2020-29661 // PACKETSTORM: 161607 // PACKETSTORM: 161835 // PACKETSTORM: 162130 // PACKETSTORM: 161609 // PACKETSTORM: 162253 // PACKETSTORM: 161837 // PACKETSTORM: 161710 // PACKETSTORM: 161551 // PACKETSTORM: 161823 // JVNDB: JVNDB-2020-014190 // NVD: CVE-2020-29661

REFERENCES

url:	http://www.openwall.com/lists/oss-security/2020/12/10/1	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2020-29661	Trust: 1.6
url:	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc	Trust: 1.1
url:	http://packetstormsecurity.com/files/160681/linux-tiocspgrp-broken-locking.html	Trust: 1.1
url:	https://security.netapp.com/advisory/ntap-20210122-0001/	Trust: 1.1
url:	https://www.debian.org/security/2021/dsa-4843	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpuoct2021.html	Trust: 1.1
url:	http://packetstormsecurity.com/files/164950/kernel-live-patch-security-notice-lsn-0082-1.html	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mz7oakaefaxqrgbzk4lyuwincd3d2xcl/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bob25su6xul4tnp7kb63wnzsytiyfdpp/	Trust: 1.1
url:	https://access.redhat.com/security/cve/cve-2020-29661	Trust: 0.8
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.8
url:	https://bugzilla.redhat.com/):	Trust: 0.8
url:	https://access.redhat.com/security/team/contact/	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93656033/index.html	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07	Trust: 0.8
url:	https://access.redhat.com/security/team/key/	Trust: 0.7
url:	https://access.redhat.com/articles/11258	Trust: 0.7
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14351	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-14351	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-0444	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0444	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-25211	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-28374	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-25705	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20265	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-25645	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20265	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-25656	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-0427	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-19532	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25705	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-7053	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25211	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-28374	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0427	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19532	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/416.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/667.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0537	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/lcatro/cve_diff_checker	Trust: 0.1
url:	https://alas.aws.amazon.com/al2/alaslivepatch-2021-032.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0689	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0857	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25656	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7053	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25645	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12723	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17006	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20907	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5188	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12401	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12402	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19126	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14866	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-1971	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7595	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.10/html-single/installing_3scale/index	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17006	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20388	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12401	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-6829	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14866	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-8177	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12403	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12243	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20388	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12723	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19956	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11756	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11756	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12243	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-14040	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11727	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-1971	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5094	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12403	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11727	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14040	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-5188	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-15903	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-9283	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19126	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-5094	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15903	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19956	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20907	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12402	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0686	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27364	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1288	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-27364	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27365	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-27365	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24394	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25212	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25212	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0878	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24394	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0763	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1122.136	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/4.4.0-203.235	Trust: 0.1
url:	https://usn.ubuntu.com/4748-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1088.97	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-29660	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27815	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1146.156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-29568	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1150.160	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-29374	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0862	Trust: 0.1

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 161607 // PACKETSTORM: 161835 // PACKETSTORM: 162130 // PACKETSTORM: 161609 // PACKETSTORM: 162253 // PACKETSTORM: 161837 // PACKETSTORM: 161710 // PACKETSTORM: 161823

SOURCES

db:	VULMON	id:	CVE-2020-29661
db:	PACKETSTORM	id:	161607
db:	PACKETSTORM	id:	161835
db:	PACKETSTORM	id:	162130
db:	PACKETSTORM	id:	161609
db:	PACKETSTORM	id:	162253
db:	PACKETSTORM	id:	161837
db:	PACKETSTORM	id:	161710
db:	PACKETSTORM	id:	161551
db:	PACKETSTORM	id:	161823
db:	JVNDB	id:	JVNDB-2020-014190
db:	NVD	id:	CVE-2020-29661

LAST UPDATE DATE

2025-12-22T20:21:02.136000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2020-29661	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2020-014190	date:	2024-03-22T07:18:00
db:	NVD	id:	CVE-2020-29661	date:	2024-11-21T05:24:23.040

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2020-29661	date:	2020-12-09T00:00:00
db:	PACKETSTORM	id:	161607	date:	2021-03-02T16:24:58
db:	PACKETSTORM	id:	161835	date:	2021-03-17T14:22:58
db:	PACKETSTORM	id:	162130	date:	2021-04-08T14:00:00
db:	PACKETSTORM	id:	161609	date:	2021-03-02T16:26:19
db:	PACKETSTORM	id:	162253	date:	2021-04-20T16:31:47
db:	PACKETSTORM	id:	161837	date:	2021-03-17T14:26:23
db:	PACKETSTORM	id:	161710	date:	2021-03-09T15:57:57
db:	PACKETSTORM	id:	161551	date:	2021-02-25T15:30:28
db:	PACKETSTORM	id:	161823	date:	2021-03-17T14:09:30
db:	JVNDB	id:	JVNDB-2020-014190	date:	2021-08-05T00:00:00
db:	NVD	id:	CVE-2020-29661	date:	2020-12-09T17:15:31.807