CVE-2020-29374
Publication date 28 November 2020
Last updated 24 July 2024
Ubuntu priority
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.
From the Ubuntu Security Team
It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | ||
| 20.04 LTS focal |
Fixed 5.4.0-45.49
|
|
| 18.04 LTS bionic |
Fixed 4.15.0-136.140
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-203.235
|
|
| 14.04 LTS trusty | Ignored | |
| linux-aws | ||
| 20.04 LTS focal |
Fixed 5.4.0-1022.22
|
|
| 18.04 LTS bionic |
Fixed 4.15.0-1094.101
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1122.136
|
|
| 14.04 LTS trusty |
Fixed 4.4.0-1086.90
|
|
| linux-aws-5.0 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-5.3 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.4.0-1022.22~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-hwe | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial |
Fixed 4.15.0-1094.101~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-azure | ||
| 20.04 LTS focal |
Fixed 5.4.0-1023.23
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Fixed 4.15.0-1108.120~16.04.1
|
|
| 14.04 LTS trusty |
Fixed 4.15.0-1108.120~14.04.1
|
|
| linux-azure-4.15 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 4.15.0-1108.120
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-5.3 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.4.0-1023.23~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-edge | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-dell300x | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 4.15.0-1012.16
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp | ||
| 20.04 LTS focal |
Fixed 5.4.0-1022.22
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Fixed 4.15.0-1093.106~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-gcp-4.15 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 4.15.0-1093.106
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-5.3 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.4.0-1022.22~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-edge | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-4.15 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 4.15.0-1079.84
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.0 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.3 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.3.0-1032.34~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gkeop | ||
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gkeop-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Fixed 4.15.0-136.140~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-hwe-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.4.0-45.49~18.04.2
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe-5.8 | ||
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe-edge | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-kvm | ||
| 20.04 LTS focal |
Fixed 5.4.0-1021.21
|
|
| 18.04 LTS bionic |
Fixed 4.15.0-1085.87
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1088.97
|
|
| 14.04 LTS trusty | Not in release | |
| linux-lts-trusty | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-xenial | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty |
Fixed 4.4.0-203.235~14.04.1
|
|
| linux-oem | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-5.10 | ||
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-5.6 | ||
| 20.04 LTS focal |
Fixed 5.6.0-1020.20
|
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-osp1 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle | ||
| 20.04 LTS focal |
Fixed 5.4.0-1022.22
|
|
| 18.04 LTS bionic |
Fixed 4.15.0-1065.73
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-1065.73~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.0 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.3 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.4.0-1022.22~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi | ||
| 20.04 LTS focal |
Fixed 5.4.0-1016.17
|
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi-5.4 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.4.0-1016.17~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | ||
| 20.04 LTS focal | Ignored | |
| 18.04 LTS bionic |
Fixed 4.15.0-1079.84
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1146.156
|
|
| 14.04 LTS trusty | Not in release | |
| linux-raspi2-5.3 | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 5.3.0-1030.32~18.04.2
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-riscv | ||
| 20.04 LTS focal |
Fixed 5.4.0-31.35
|
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-snapdragon | ||
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Fixed 4.15.0-1096.105
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1150.160
|
|
| 14.04 LTS trusty | Not in release |
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu ProSeverity score breakdown
| Parameter | Value |
|---|---|
| Base score |
3.6 · Low
|
| Attack vector | Local |
| Attack complexity | High |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity impact | Low |
| Availability impact | None |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-4748-1
- Linux kernel vulnerabilities
- 25 February 2021
- USN-4749-1
- Linux kernel vulnerabilities
- 25 February 2021
Other references
- https://git.kernel.org/linus/17839856fd588f4ab6b789f482ed3ffd7c403e1f
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.3
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17839856fd588f4ab6b789f482ed3ffd7c403e1f
- https://www.cve.org/CVERecord?id=CVE-2020-29374