A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.
| Link | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2020/10/30/1 | mailing list patch exploit third party advisory |
| http://www.openwall.com/lists/oss-security/2020/11/04/3 | mailing list patch exploit third party advisory |
| https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html | third party advisory mailing list |
| https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html | third party advisory mailing list |
| https://www.openwall.com/lists/oss-security/2020/11/04/3%2C | |
| https://www.openwall.com/lists/oss-security/2020/10/30/1%2C | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893287%2C | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=90bfdeef83f1d6c696039b6a917190dcbbad3220 | mailing list third party advisory patch |
| https://security.netapp.com/advisory/ntap-20210702-0005/ | third party advisory |