mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
1.4 KiB
1.4 KiB
CVE-2020-7053
Description
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.
POC
Reference
- http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
- http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
- https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com
- https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com
- https://usn.ubuntu.com/4287-2/
- https://usn.ubuntu.com/4287-2/