Description
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.
References (11)
Core 11
Core References
Release Notes, Third Party Advisory x_refsource_misc
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5
Exploit, Mailing List, Patch, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/kernel-hardening/2020/03/25/1
Exploit, Mailing List, Patch, Third Party Advisory x_refsource_misc
https://lists.openwall.net/linux-kernel/2020/03/24/1803
Patch, Third Party Advisory x_refsource_misc
https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1822077
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4367-1/
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4369-1/
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200608-0001/
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4391-1/
Scores
CVSS v3
5.3
EPSS
0.0007
EPSS Percentile
20.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-190
Status
published
Products (7)
canonical/ubuntu_linux
20.04
linux/linux_kernel
< 5.6.5
redhat/enterprise_linux
5.0
redhat/enterprise_linux
6.0
redhat/enterprise_linux
7.0
redhat/enterprise_linux
8.0
redhat/enterprise_mrg
2.0
Published
May 12, 2020
Tracked Since
Feb 18, 2026