CVE-2020-29368

Description

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

CVSS Metrics

• v3.1•HIGH•Score: 7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
• v2.0•MEDIUM•Score: 6.9AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.10%• Percentile: 28%

Techniques & Countermeasures

• CWE-362•Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

  The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Affected Systems

• linux•linux_kernel

  ≥ 4.5.5, < 4.9.228 | ≥ 4.10, < 4.14.185 | ≥ 4.15, < 4.19.129 | ≥ 4.20, < 5.4.48 | ≥ 5.5, < 5.7.5

• netapp•cloud_backup

  na

• netapp•element_software

  na

• netapp•h410c_firmware

  na

• netapp•hci_bootstrap_os

  na

• netapp•hci_management_node

  na

• netapp•solidfire

  na

References (4)

• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040
• https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
• https://security.netapp.com/advisory/ntap-20210108-0002/