Rewterz Threat Alert – Chinese Cyber Espionage Group BlackTech Using BendyBear Shellcode
February 11, 2021Rewterz Threat Advisory – CVE-2020-17525 – Apache Subversion denial of service
February 11, 2021Rewterz Threat Alert – Chinese Cyber Espionage Group BlackTech Using BendyBear Shellcode
February 11, 2021Rewterz Threat Advisory – CVE-2020-17525 – Apache Subversion denial of service
February 11, 2021Severity
Medium
Analysis Summary
CVE-2021-20200
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw due to a race problem while in detach_vmas_to_be_unmapped function in mm/mmap.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
Impact
Denial of Service
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.4
- Linux Kernel 5.7.0
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.