active/CVE-2020-29569


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: Use after free triggered by block frontend in Linux blkback
References:
 https://xenbits.xen.org/xsa/advisory-350.html
 https://lore.kernel.org/lkml/20201215122606.6874-1-jgross@suse.com/
Notes:
 carnil> Introduced due a24fa22ce22a ("xen/blkback: don't use
 carnil> xen_blkif_get() in xen-blkback kthread") in 4.12-rc1 and
 carnil> backported to 4.9.36.
Bugs:
upstream: pending [1c728719a4da6e654afb9cc047164755072ed7c9]
5.10-upstream-stable: needed
4.19-upstream-stable: needed
4.9-upstream-stable: needed
sid: pending (5.9.15-1) [bugfix/all/xen-blkback-set-ring-xenblkd-to-NULL-after-kthread_s.patch]
4.19-buster-security: needed
4.9-stretch-security: needed