CVE-2020-10690

moderate-risk
Published 2020-05-08

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.

Do I need to act?

-
0.13% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
LOCAL / LOW complexity

Affected Products (20)

Affected Vendors

Debian Redhat Linux Canonical Netapp Opensuse

References (12)

Mailing List http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690
Mailing List https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
Mailing List https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
Third Party Advisory https://security.netapp.com/advisory/ntap-20200608-0001/
Third Party Advisory https://usn.ubuntu.com/4419-1/
Mailing List http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690
Mailing List https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
Mailing List https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
Third Party Advisory https://security.netapp.com/advisory/ntap-20200608-0001/
Third Party Advisory https://usn.ubuntu.com/4419-1/
43
/ 100
moderate-risk
Severity 21/34 · High
Exploitability 1/34 · Minimal
Exposure 21/34 · High