Re: Linux Kernel 5.7.9 DRM Double Free

[Greg KH <greg () kroah com>]

On Wed, Aug 19, 2020 at 05:55:16PM +0200, Greg KH wrote:
> On Wed, Aug 19, 2020 at 03:42:33PM +0000, zdi-disclosures () trendmicro com wrote:
> > The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence 
> > of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate 
> > privileges and execute code in the context of the kernel.
>
> Note, this "vulnerability" was only accessible by root, so there's not
> all that many privileges that could really be escalated there.  Don't
> know why the original poster did not say that here, as they acknowledged
> it in the "bug report" they sent many of us.

And to be specific, as I was asked, this was only an issue in the
nouveau drm driver, not in the DRM "core" at all.  So only that one
driver was affected.

thanks,

greg k-h