CVE-2020-8647 (https://nvd.nist.gov/vuln/detail/CVE-2020-8647): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
Maybe I'm missing it but I can't find a patch upstream here.
(In reply to John Helmert III from comment #1) > Maybe I'm missing it but I can't find a patch upstream here. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=513dc792d6060d5ef572e43852683097a8420f56
(In reply to Mike Pagano from comment #2) > (In reply to John Helmert III from comment #1) > > Maybe I'm missing it but I can't find a patch upstream here. > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ > ?id=513dc792d6060d5ef572e43852683097a8420f56 That seems to touch a different file than is mentioned in the CVE (drivers/tty/vt/vt.c)?
(In reply to Mike Pagano from comment #2) > (In reply to John Helmert III from comment #1) > > Maybe I'm missing it but I can't find a patch upstream here. > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ > ?id=513dc792d6060d5ef572e43852683097a8420f56 This is indeed fixed by that patch!