CVE-2020-25669

Summary

A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.

Affected Software

VendorProductVersion RangeStatus
n/aLinux Kernel5.9.4affected

Weaknesses

  • CWE-416: CWE-416

ADP Enrichment

CVE Program Container

Additional References

References