CVE-2020-12464

Published April 29th, 2020

View on NVD ↗

CVSS v3

6.7

MEDIUM

CVSS v2

7.2

HIGH

Affected

PROJECT

Description

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

torvalds/linux

Linux kernel source tree

GitHub

237K