Your submission was sent successfully! Close

CVE-2020-12464

Published: 29 April 2020

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

From the Ubuntu security team

It was discovered that the USB susbsystem's scatter-gather implementation in the Linux kernel did not properly take data references in some situations, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Priority

Medium

CVSS 3 base score: 6.7

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-106.107)
eoan
Released (5.3.0-59.53)
focal
Released (5.4.0-37.41)
precise Ignored
(was needs-triage ESM criteria)
trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.7~rc3)
xenial
Released (4.4.0-184.214)
Patches:
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 056ad39ee9253873522f6469c3364964a322912b
linux-aws
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1073.77)
eoan
Released (5.3.0-1023.25)
focal
Released (5.4.0-1015.15)
precise Does not exist

trusty
Released (4.4.0-1073.77)
upstream
Released (5.7~rc3)
xenial
Released (4.4.0-1109.120)
linux-aws-5.0
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-aws-5.3
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-1023.25~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-aws-5.4
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.4.0-1018.18~18.04.1)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-aws-hwe
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.15.0-1073.77~16.04.1)
linux-azure
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan
Released (5.3.0-1028.29)
focal
Released (5.4.0-1016.16)
precise Does not exist

trusty
Released (4.15.0-1089.99~14.04.1)
upstream
Released (5.7~rc3)
xenial
Released (4.15.0-1089.99~16.04.1)
linux-azure-4.15
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1089.99)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-azure-5.3
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-1028.29~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-azure-5.4
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.4.0-1020.20~18.04.1)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gcp
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan
Released (5.3.0-1026.28)
focal
Released (5.4.0-1015.15)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.15.0-1077.87~16.04.1)
linux-gcp-4.15
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1077.87)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gcp-5.3
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-1026.28~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gcp-5.4
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.4.0-1019.19~18.04.2)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1063.66)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1042.43)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-gke-5.3
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-1026.28~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-59.53~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.15.0-106.107~16.04.1)
linux-hwe-5.4
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.4.0-37.41~18.04.1)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Ignored
(was needs-triage now end-of-life)
linux-kvm
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1067.68)
eoan
Released (5.3.0-1023.25)
focal
Released (5.4.0-1015.15)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.4.0-1075.82)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal Does not exist

precise Ignored
(was needs-triage ESM criteria)
trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal Does not exist

precise Does not exist

trusty
Released (4.4.0-184.214~14.04.1)
upstream
Released (5.7~rc3)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1087.97)
eoan Ignored
(reached end-of-life)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Ignored
(was needs-triage now end-of-life)
linux-oem-5.6
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal
Released (5.6.0-1010.10)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1059.64)
eoan Ignored
(reached end-of-life)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1045.49)
eoan
Released (5.3.0-1024.26)
focal
Released (5.4.0-1015.15)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.15.0-1045.49~16.04.1)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-oracle-5.3
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-1024.26~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-oracle-5.4
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.4.0-1019.19~18.04.1)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-raspi
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal
Released (5.4.0-1012.12)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-raspi-5.4
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.4.0-1013.13~18.04.1)
focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1063.67)
eoan
Released (5.3.0-1027.29)
focal Ignored
(was needs-triage now end-of-life)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.4.0-1134.143)
linux-raspi2-5.3
Launchpad, Ubuntu, Debian
bionic
Released (5.3.0-1027.29~18.04.1)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-riscv
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal
Released (5.4.0-27.31)
precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1080.87)
eoan Does not exist

focal Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.7~rc3)
xenial
Released (4.4.0-1138.146)