Vulnerability identifier: #VU94220
Vulnerability risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] (temporal score; the base score of this vector is 8.8, reduced by the temporal metrics E:U, RL:O and RC:C, i.e. no known exploit and an official fix available)
CVE-ID:
CWE-ID: CWE-416 (Use After Free)
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel
Operating systems & Components / Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xhci_invalidate_cancelled_tds() and xhci_handle_cmd_set_deq() functions in drivers/usb/host/xhci-ring.c, the xHCI (USB 3.x host controller) driver. A local user who can trigger the affected code path can corrupt kernel memory and escalate privileges on the system; the CVSS vector above rates the impact as a full compromise of confidentiality, integrity and availability with a change of scope.
Mitigation
Install the update from the vendor (the fix is contained in the stable kernel commits listed under External links) and reboot into the patched kernel, since the vulnerable code is part of the running kernel's xHCI driver.
Vulnerable software versions
Linux kernel: All versions
External links
http://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228
http://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9
http://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518
http://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a
http://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577
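As an added check (example script, not part of the advisory or of the kernel project), the following POSIX shell function takes a checked-out Linux kernel git tree and reports whether any of the stable fix commits linked above is already an ancestor of HEAD. The commit SHAs are copied from the External links; the repository path and the script name are assumptions. Because the links point at stable-branch backports, a tree on a different branch will not contain these exact SHAs, so a negative result means "these specific commits are absent", not proof that the tree is still vulnerable.

```shell
#!/bin/sh
# Added example, not from the advisory or the kernel project: does a kernel
# git tree already contain one of the fix commits listed in the advisory?
# Usage: sh check_xhci_fix.sh /path/to/linux [sha ...]   (path and name assumed)

# Stable fix commits copied from the advisory's External links.
ADVISORY_FIX_COMMITS="
26460c1afa311524f588e288a4941432f0de6228
633f72cb6124ecda97b641fbc119340bd88d51a9
949be4ec5835e0ccb3e2a8ab0e46179cb5512518
61593dc413c3655e4328a351555235bc3089486a
5ceac4402f5d975e5a01c806438eb4e554771577
"

# has_fix_commit REPO SHA...
# Exit status: 0 if at least one SHA is an ancestor of HEAD in REPO (the fix is
# on the checked-out branch), 1 if none is, 2 if REPO is not a usable git tree.
has_fix_commit() {
    repo=$1
    shift
    [ -d "$repo" ] || { echo "error: not a directory: $repo" >&2; return 2; }
    git -C "$repo" rev-parse --verify HEAD >/dev/null 2>&1 \
        || { echo "error: not a git tree with a HEAD: $repo" >&2; return 2; }
    for sha in "$@"; do
        # The object must exist locally before merge-base can answer; a
        # stable-branch tree simply lacks SHAs that were committed elsewhere.
        if git -C "$repo" cat-file -e "$sha^{commit}" 2>/dev/null \
           && git -C "$repo" merge-base --is-ancestor "$sha" HEAD 2>/dev/null; then
            echo "fix present: $sha is an ancestor of HEAD"
            return 0
        fi
    done
    echo "none of the listed fix commits is in HEAD (other branch, or still unpatched)"
    return 1
}

# When run as a script: first argument is the tree, any further arguments
# override the advisory's commit list.
if [ "$#" -gt 0 ]; then
    repo=$1
    shift
    if [ "$#" -gt 0 ]; then
        has_fix_commit "$repo" "$@"
    else
        # Word splitting on the list is intended here.
        has_fix_commit "$repo" $ADVISORY_FIX_COMMITS
    fi
fi
```

Run it as `sh check_xhci_fix.sh /usr/src/linux` against the tree the running kernel was built from; on a distribution kernel, check the distribution's own advisory and package changelog instead, since backports there usually carry different commit IDs.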
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally: the attacker needs valid credentials and must authenticate on the system (PR:L in the CVSS vector above).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.