CVE-2020-36785

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()

The "s3a_buf" is freed along with all the other items on the "asd->s3a_stats" list. It leads to a double free and a use after free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa49d25364dfb9f8a64037488a39ab1f56c5fa419 < 51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654affected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < d218c7a0284f6b92a7b82d2e19706e18663b4193affected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < 801c1d505894008c888bc71d08d5cff5d87f8abaaffected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < 8267ccd7b9df7ab682043507dd682fe0621cf045affected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < ba11bbf303fafb33989e95473e409f6ab412b18daffected
LinuxLinux4.12affected
LinuxLinux5.8affected
LinuxLinux0 < 4.12unaffected
LinuxLinux4.18 < 5.8unaffected
LinuxLinux5.10.37 <= 5.10.*unaffected
LinuxLinux5.11.21 <= 5.11.*unaffected
LinuxLinux5.12.4 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References