CVE-2020-29534

High

7.8/10

Summary

An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Dec 03, 2020

CVE-2020-29534

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS