CVE-2020-11935

Summary

It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.

Affected Software

VendorProductVersion RangeStatus
UbuntuLinux kernel (aufs filesystem module)4.4.0-186.216 < 4.4*unaffected
UbuntuLinux kernel (aufs filesystem module)4.15.0-112.113 < 4.15*unaffected
UbuntuLinux kernel (aufs filesystem module)5.4.0-42.46 < 5.4*unaffected

Weaknesses

  • CWE-911: CWE-911 Improper Update of Reference Count

ADP Enrichment

CVE Program Container

Additional References

References