CVE-2020-25668 — Race Condition in Kernel
CWE-362 — Race ConditionCWE-662 — Improper SynchronizationCWE-416 — Use After Free15 documents6 sources
Severity
7.0HIGHNVD
OSV8.2OSV5.5OSV4.1
EPSS
0.1%
top 67.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 26
Latest updateDec 1
Description
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9
Affected Packages5 packages
Also affects: Debian Linux 9.0
Patches
🔴Vulnerability Details
6OSV▶
CVE-2020-25668: A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font↗2021-05-26
OSV▶
linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities↗2021-02-25
OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2021-01-06
OSV▶
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabi↗2021-01-06