Launchpad CVE tracker

CVE 2020-29373

An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.

Related bugs and status

CVE-2020-29373 (Candidate) is related to these bugs:

Bug #1916046: cve-2020-29373 in cve from ubuntu_ltp failed

		In	Importance	Status
1916046	cve-2020-29373 in cve from ubuntu_ltp failed	ubuntu-kernel-tests	Undecided	New
1916046	cve-2020-29373 in cve from ubuntu_ltp failed	linux (Ubuntu)	Undecided	Fix Released
1916046	cve-2020-29373 in cve from ubuntu_ltp failed	linux (Ubuntu Hirsute)	Undecided	Fix Released
1916046	cve-2020-29373 in cve from ubuntu_ltp failed	linux (Ubuntu Groovy)	Undecided	Fix Released
1916046	cve-2020-29373 in cve from ubuntu_ltp failed	linux (Ubuntu Focal)	Undecided	New

Bug #1928028: io_uring02 from ubuntu_ltp_syscalls fails on F/oem-5.6 (timeouted / SIGKILL)

		In	Importance	Status
1928028	io_uring02 from ubuntu_ltp_syscalls fails on F/oem-5.6 (timeouted / SIGKILL)	ubuntu-kernel-tests	Undecided	Won't Fix
1928028	io_uring02 from ubuntu_ltp_syscalls fails on F/oem-5.6 (timeouted / SIGKILL)	linux-oem-5.6 (Ubuntu)	Undecided	Invalid
1928028	io_uring02 from ubuntu_ltp_syscalls fails on F/oem-5.6 (timeouted / SIGKILL)	linux-oem-5.6 (Ubuntu Focal)	Medium	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-29373

References