{"containers":{"cna":{"affected":[{"product":"Linux kernel","vendor":"Canonical","versions":[{"lessThan":"5.4.0-51.56","status":"affected","version":"5.4 kernel","versionType":"custom"},{"lessThan":"5.3.0-68.63","status":"affected","version":"5.3 kernel","versionType":"custom"},{"lessThan":"4.15.0-121.123","status":"affected","version":"4.15 kernel","versionType":"custom"},{"lessThan":"4.4.0-193.224","status":"affected","version":"4.4 kernel","versionType":"custom"},{"lessThan":"3.13.0.182.191","status":"affected","version":"3.13 kernel","versionType":"custom"},{"lessThan":"3.2.0-149.196","status":"affected","version":"3.2 kernel","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Hador Manor"}],"datePublic":"2020-10-13T00:00:00.000Z","descriptions":[{"lang":"en","value":"Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-416","description":"CWE-416 Use After Free","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-12-17T00:06:36.000Z","orgId":"cc1ad9ee-3454-478d-9317-d3e869d708bc","shortName":"canonical"},"references":[{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://launchpad.net/bugs/1883840"},{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://ubuntu.com/USN-4576-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://ubuntu.com/USN-4577-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://ubuntu.com/USN-4578-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://ubuntu.com/USN-4579-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://ubuntu.com/USN-4580-1"},{"tags":["x_refsource_CONFIRM"],"url":"https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza%40canonical.com/T/"},{"tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20210304-0006/"},{"name":"DSA-4978","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2021/dsa-4978"},{"name":"[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"},{"name":"[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"}],"source":{"advisory":"https://ubuntu.com/USN-4576-1","defect":["https://launchpad.net/bugs/1883840"],"discovery":"USER"},"title":"DCCP CCID structure use-after-free","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"AKA":"","ASSIGNER":"security@ubuntu.com","DATE_PUBLIC":"2020-10-13T16:00:00.000Z","ID":"CVE-2020-16119","STATE":"PUBLIC","TITLE":"DCCP CCID structure use-after-free"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Linux kernel","version":{"version_data":[{"platform":"","version_affected":"<","version_name":"5.4 kernel","version_value":"5.4.0-51.56"},{"platform":"","version_affected":"<","version_name":"5.3 kernel","version_value":"5.3.0-68.63"},{"platform":"","version_affected":"<","version_name":"4.15 kernel","version_value":"4.15.0-121.123"},{"platform":"","version_affected":"<","version_name":"4.4 kernel","version_value":"4.4.0-193.224"},{"platform":"","version_affected":"<","version_name":"3.13 kernel","version_value":"3.13.0.182.191"},{"platform":"","version_affected":"<","version_name":"3.2 kernel","version_value":"3.2.0-149.196"}]}}]},"vendor_name":"Canonical"}]}},"configuration":[],"credit":[{"lang":"eng","value":"Hador Manor"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196."}]},"exploit":[],"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-416 Use After Free"}]}]},"references":{"reference_data":[{"name":"https://launchpad.net/bugs/1883840","refsource":"UBUNTU","url":"https://launchpad.net/bugs/1883840"},{"name":"https://ubuntu.com/USN-4576-1","refsource":"UBUNTU","url":"https://ubuntu.com/USN-4576-1"},{"name":"https://ubuntu.com/USN-4577-1","refsource":"UBUNTU","url":"https://ubuntu.com/USN-4577-1"},{"name":"https://ubuntu.com/USN-4578-1","refsource":"UBUNTU","url":"https://ubuntu.com/USN-4578-1"},{"name":"https://ubuntu.com/USN-4579-1","refsource":"UBUNTU","url":"https://ubuntu.com/USN-4579-1"},{"name":"https://ubuntu.com/USN-4580-1","refsource":"UBUNTU","url":"https://ubuntu.com/USN-4580-1"},{"name":"https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/","refsource":"CONFIRM","url":"https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/"},{"name":"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695","refsource":"UBUNTU","url":"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695"},{"name":"https://security.netapp.com/advisory/ntap-20210304-0006/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20210304-0006/"},{"name":"DSA-4978","refsource":"DEBIAN","url":"https://www.debian.org/security/2021/dsa-4978"},{"name":"[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"},{"name":"[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"}]},"solution":[],"source":{"advisory":"https://ubuntu.com/USN-4576-1","defect":["https://launchpad.net/bugs/1883840"],"discovery":"USER"},"work_around":[]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T13:37:53.448Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://launchpad.net/bugs/1883840"},{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://ubuntu.com/USN-4576-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://ubuntu.com/USN-4577-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://ubuntu.com/USN-4578-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://ubuntu.com/USN-4579-1"},{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://ubuntu.com/USN-4580-1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza%40canonical.com/T/"},{"tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20210304-0006/"},{"name":"DSA-4978","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2021/dsa-4978"},{"name":"[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"},{"name":"[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"}]}]},"cveMetadata":{"assignerOrgId":"cc1ad9ee-3454-478d-9317-d3e869d708bc","assignerShortName":"canonical","cveId":"CVE-2020-16119","datePublished":"2021-01-14T01:10:20.401Z","dateReserved":"2020-07-29T00:00:00.000Z","dateUpdated":"2024-09-16T18:19:48.160Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}