An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
References
Link | Resource |
---|---|
https://bugs.chromium.org/p/project-zero/issues/detail?id=2045 | Exploit Issue Tracking Patch Third Party Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5 | Release Notes Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040 | Patch Vendor Advisory |
https://security.netapp.com/advisory/ntap-20210108-0002/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-28T06:20:26
Updated: 2021-01-08T11:06:18
Reserved: 2020-11-28T00:00:00
Link: CVE-2020-29368
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-28T07:15:11.460
Modified: 2024-02-15T15:56:34.797
Link: CVE-2020-29368
JSON object: View
Redhat Information
No data.
CWE