CVE-2020-10720
MEDIUMLinux Kernel < 5.2 - Use-After-Free in GRO Implementation
Title source: llmDescription
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
References (2)
Core 2
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1781204
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4270d6795b0580287453ea55974d948393e66ef
Scores
CVSS v3
5.5
EPSS
0.0032
EPSS Percentile
24.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-416
Status
published
Products (1)
linux/linux_kernel
< 5.2
Published
Sep 03, 2020
Tracked Since
Feb 18, 2026