Vulnerability CVE-2020-8647: Information

Description

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.

Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-8647

Published: Feb. 6, 2020

Modified: Dec. 30, 2021

Error type identifier: CWE-416

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	5.5.4-alt1	6.8.8-alt1	ALT-PU-2020-1251-1	246570	Fixed
kernel-image-mp	p10	5.5.4-alt1	6.1.19-alt1	ALT-PU-2020-1251-1	246570	Fixed
kernel-image-mp	p9	5.5.16-alt1	5.12.16-alt1	ALT-PU-2020-1714-1	249865	Fixed
kernel-image-mp	c9f2	5.5.16-alt1	5.7.16-alt1	ALT-PU-2020-1714-1	249865	Fixed
kernel-image-rpi-def	sisyphus	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-def	p10	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-def	p9	5.10.36-alt1	5.10.81-alt1	ALT-PU-2021-1866-1	272593	Fixed
kernel-image-rpi-un	sisyphus	5.5.5-alt0.2	6.6.23-alt1	ALT-PU-2020-1421-1	247100	Fixed
kernel-image-rpi-un	p10	5.5.5-alt0.2	6.1.77-alt1	ALT-PU-2020-1421-1	247100	Fixed
kernel-image-rpi-un	p9	5.5.5-alt0.3	5.12.17-alt1	ALT-PU-2020-1450-1	247310	Fixed
kernel-image-rpi-un	c9f2	5.5.5-alt0.3	5.7.8-alt3	ALT-PU-2020-1450-1	247310	Fixed
kernel-image-rt	sisyphus	5.10.35-alt1.rt39	6.1.90-alt2.rt30	ALT-PU-2021-1870-1	272532	Fixed
kernel-image-rt	p10	5.10.35-alt1.rt39	5.10.216-alt1.rt108	ALT-PU-2021-1870-1	272532	Fixed
kernel-image-std-debug	sisyphus	5.4.40-alt1	6.1.91-alt1	ALT-PU-2020-1945-1	251531	Fixed
kernel-image-std-def	sisyphus	5.4.25-alt1	6.1.91-alt1	ALT-PU-2020-1476-1	247790	Fixed
kernel-image-std-def	p10	5.4.25-alt1	5.10.216-alt1	ALT-PU-2020-1476-1	247790	Fixed
kernel-image-std-def	p9	5.4.25-alt2	5.4.275-alt1	ALT-PU-2020-1501-1	247586	Fixed
kernel-image-std-def	p8	4.9.216-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2020-1475-1	247717	Fixed
kernel-image-std-def	c9f2	5.10.32-alt0.c9f	5.10.214-alt0.c9f.2	ALT-PU-2021-1739-1	270353	Fixed
kernel-image-std-def	c7	4.4.277-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2021-3033-1	281293	Fixed
kernel-image-std-kvm	sisyphus	5.10.29-alt1	5.10.176-alt1	ALT-PU-2021-1656-1	269859	Fixed
kernel-image-std-kvm	p10	5.10.29-alt1	5.10.42-alt1	ALT-PU-2021-1656-1	269859	Fixed
kernel-image-un-def	sisyphus	5.5.3-alt1	6.6.31-alt1	ALT-PU-2020-1219-1	246067	Fixed
kernel-image-un-def	p10	5.5.3-alt1	6.1.85-alt1	ALT-PU-2020-1219-1	246067	Fixed
kernel-image-un-def	p9	5.7.0-alt1	5.10.216-alt2	ALT-PU-2020-2164-1	252789	Fixed
kernel-image-un-def	p8	4.19.109-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2020-1474-1	247713	Fixed
kernel-image-un-def	c10f1	5.5.3-alt1	6.1.85-alt0.c10f.1	ALT-PU-2020-1219-1	246067	Fixed
kernel-image-un-def	c9f2	5.7.0-alt1	5.10.29-alt2	ALT-PU-2020-2164-1	252789	Fixed
kernel-image-un-def	c7	4.9.277-alt0.M70C.1	4.9.277-alt0.M70C.1	ALT-PU-2021-3032-1	281292	Fixed
linux-tools	sisyphus_e2k	5.10-alt1.E2K.1	5.10-alt1.E2K.3	ALT-PU-2023-7771-1	-	Fixed
linux-tools	p10_e2k	5.10-alt1.E2K.1	5.10-alt1.E2K.1	ALT-PU-2023-8360-1	-	Fixed
usbip	sisyphus	5.10-alt1	5.10-alt1	ALT-PU-2023-1798-1	320453	Fixed
usbip	sisyphus_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7452-1	-	Fixed
usbip	p10	5.10-alt1	5.10-alt1	ALT-PU-2023-1903-1	320461	Fixed
usbip	p10_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7498-1	-	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://bugzilla.kernel.org/show_bug.cgi?id=206359	Issue Tracking Patch Vendor Advisory
openSUSE-SU-2020:0388	Issue Tracking Third Party Advisory
[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update	Mailing List Third Party Advisory
[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update	Mailing List Third Party Advisory
[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update	Mailing List Third Party Advisory
DSA-4698	Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  End including
  5.5.2
  
  Configuration 2
  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2020-8647: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3