An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
References
Link | Resource |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040 | Patch Vendor Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5 | Release Notes Vendor Advisory |
https://bugs.chromium.org/p/project-zero/issues/detail?id=2045 | Exploit Issue Tracking Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210108-0002/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2020-11-27 23:15
Updated : 2022-04-26 09:34
NVD link : CVE-2020-29368
Mitre link : CVE-2020-29368
JSON object : View
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Products Affected
netapp
- cloud_backup
- hci_compute_node
- h410c_firmware
- element_software
- solidfire
- h410c
- hci_management_node
- hci_bootstrap_os
linux
- linux_kernel