Linux kernel 4.14 Use After Free Vulnerability

Summary

Linux kernel 4.14 suffers from use after free vulnerability

Credit:

The information has been provided by Chris Wilson

The original article can be found at:https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522


Details

In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.

 

Vulnerable Systems:

Linux kernel 4.14 longterm through 4.14.165 

Linux kernel 4.19 longterm through 4.19.96

 

CVE Information:

CVE-2020-7053

 

Disclosure Timeline:
Published Date:1/14/2020

Categories: News