Unrated severity · NVD Advisory · Published Feb 25, 2020 · Updated Aug 4, 2024
CVE-2020-9391
Description
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.
Affected products
- Linux/Linux kernel (description)
- Range: >=5.4, <=5.5.6
References
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4LH35HOPBJIKYHYFXMBBM75DN75PZHZ/ (mitre, vendor-advisory, x_refsource_FEDORA)
- www.openwall.com/lists/oss-security/2020/02/25/6 (mitre, mailing-list, x_refsource_MLIST)
- bugzilla.redhat.com/show_bug.cgi (mitre, x_refsource_MISC)
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ (mitre, x_refsource_MISC)
- security.netapp.com/advisory/ntap-20200313-0003/ (mitre, x_refsource_CONFIRM)