Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2020-25668

Description

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

POC

Reference

- http://www.openwall.com/lists/oss-security/2020/10/30/1

- http://www.openwall.com/lists/oss-security/2020/11/04/3

- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=90bfdeef83f1d6c696039b6a917190dcbbad3220

- https://www.openwall.com/lists/oss-security/2020/10/30/1%2C

- https://www.openwall.com/lists/oss-security/2020/10/30/1,

- https://www.openwall.com/lists/oss-security/2020/11/04/3%2C

- https://www.openwall.com/lists/oss-security/2020/11/04/3,

Github

- https://github.com/hshivhare67/Kernel_4.1.15_CVE-2020-25668