CVE-2020-27825 kernel: use-after-free in the ftrace ring buffer resizing logic due to a race condition

[Rohit Keshri <rkeshri () redhat com>]

Hello Team,

Red Hat has identified a vulnerability with the following details.

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux
kernel. There was a race problem in trace_open and resize of cpu buffer
running parallely on different cpus, may cause a denial of service problem
(DOS). This flaw could even allow a local attacker with special user
 privilege to a kernel information leak threat.


'CVE-2020-27825'  was assigned by Red Hat.

Acknowledgements: Adam 'pi3' Zabrocki

Thank you Adam for bringing this to our attention, and your hard work.


Reference:
https://github.com/torvalds/linux/commit/bbeb97464eefc65f506084fd9f18f21653e01137#diff-446a57a3a8781d7d3fb410eb7162dd2002dd363bf1ea936c4fd10397660033e0

Thank You. Regards
..
Rohit Keshri / Red Hat Product Security Team
PGP: OX01BC 858A 07B7 15C8 EF33 BFE2 2EEB 0CBC 84A4 4C2D

secalert () redhat com for urgent response