VYPR
Unrated severityNVD Advisory· Published Jan 28, 2020· Updated Aug 4, 2024

CVE-2020-8428

CVE-2020-8428

Description

fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

102

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.