CVE-2020-16119

CVSS v3.1 7.8 (High)

CVSS v2.0 4.6 (Medium)

EPSS 0.04 % (5^th)

Affected Products 3

Advisories 19

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: Canonical Ltd.
Published Date: 2021-01-14 01:15:13
(3 years ago)
Updated Date: 2023-11-07 03:18:11
(10 months ago)

Affected Products

Configuration #1

		CPE23	From	Up To
	Linux Kernel	cpe:2.3:o:linux:linux_kernel:-

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:lts
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 20.04	cpe:2.3:o:canonical:ubuntu_linux:20.04:::*:lts

Configuration #3

		CPE23	From	Up To
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0

Weaknesses

Affected Products

Canonical

Debian

Linux

Configuration #1

Configuration #2

Configuration #3