Integer Overflow In is_in_region Allows User Thread To Access Kernel Memory

Description

A malicious userspace application can cause an integer overflow and bypass security checks performed by
system call handlers. The impact would depend on the underlying system call and can range
from denial of service to information leak to memory corruption resulting in code execution
within the kernel.

See NCC-ZEP-005
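
The bug class described above, as an added example that is not part of the original ticket and is not Zephyr's code: a range check that adds start and size in 32 bits, next to a form that cannot wrap. The struct, the function names and the sample region are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical region a user thread may access: [base, base + size). */
struct region {
    uint32_t base;
    uint32_t size;
};

/* Constructed sample: a 4 KiB user buffer. */
static const struct region user_buf = { 0x20000000u, 0x1000u };

/* Weak form: start + size is evaluated modulo 2^32. A very large size
 * wraps to a small "end" that passes the upper-bound comparison. */
static bool in_region_unchecked(const struct region *r,
                                uint32_t start, uint32_t size)
{
    uint32_t end = start + size; /* may wrap */
    return start >= r->base && end <= r->base + r->size;
}

/* Hardened form: compare offsets and remaining space, never a sum,
 * so no intermediate value can wrap. */
static bool in_region_checked(const struct region *r,
                              uint32_t start, uint32_t size)
{
    if (start < r->base) {
        return false;
    }
    uint32_t offset = start - r->base; /* safe: start >= base */
    return offset <= r->size && size <= r->size - offset;
}

int main(void)
{
    /* Request whose end wraps past 2^32. */
    uint32_t start = 0x20000800u, size = 0xFFFFF000u;
    printf("unchecked accepts: %d\n",
           in_region_unchecked(&user_buf, start, size));
    printf("checked accepts:   %d\n",
           in_region_checked(&user_buf, start, size));
    return 0;
}
```

A system call handler that validates a user-supplied buffer with the first form would treat the wrapped range as lying inside the thread's region; the second form rejects it while still accepting requests that end exactly at the region boundary.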

Environment

None

Activity

Flavio Ceolin
March 3, 2020, 10:53 PM

CVE-2020-10022.

David Brown
March 9, 2020, 2:24 PM

Not released, until v2.2 is released.

David Brown
April 30, 2020, 9:04 PM

CVE-2020-10022 was already used, so I’m reassigning this to CVE-2020-10067.

Assignee

Flavio Ceolin

Reporter

Flavio Ceolin

Labels

None

Authorized viewers

Jeremy Boone
Johan Hedberg

CVE

CVE-2020-10067

Embargo Lift

2020/05/01

Components

Fix versions

Affects versions

Priority

Medium