usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-2241-1 linux security update
Debian DLA Debian DLA DLA-2241-2 linux security update
Debian DLA Debian DLA DLA-2242-1 linux-4.9 security update
Debian DSA Debian DSA DSA-4698-1 linux security update
Debian DSA Debian DSA DSA-4699-1 linux security update
EUVD EUVD EUVD-2020-4773 usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Ubuntu USN Ubuntu USN USN-4387-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-4388-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-4389-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-4390-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-4391-1 Linux kernel vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00078}

epss

{'score': 0.00056}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T11:56:52.059Z

Reserved: 2020-04-29T00:00:00

Link: CVE-2020-12464

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-04-29T18:15:13.597

Modified: 2024-11-21T04:59:45.340

Link: CVE-2020-12464

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-03-23T00:00:00Z

Links: CVE-2020-12464 - Bugzilla

cve-icon OpenCVE Enrichment

No data.