CVE-2020-12657

7.8 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's BFQ I/O scheduler. Attackers with local access can exploit this to cause denial of service or potentially execute arbitrary code with kernel privileges. Systems running Linux kernels before version 5.6.5 with BFQ scheduler enabled are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: All versions before 5.6.5
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if BFQ I/O scheduler is enabled (bfq is not the default scheduler in most distributions).

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation to kernel-level code execution leading to complete system compromise.

🟠 Likely Case: Kernel panic or system crash causing denial of service.

🟢 If Mitigated: Limited to denial of service if kernel hardening features are enabled.

🌐 Internet-Facing: LOW - Requires local access to exploit.
🏢 Internal Only: MEDIUM - Local users or compromised accounts could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and BFQ scheduler to be active. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel 5.6.5 and later

Vendor Advisory: http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

Restart Required: Yes

Instructions:

1. Update kernel to version 5.6.5 or later.
2. For distributions: Use package manager (apt/yum/dnf) to install latest kernel.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable BFQ scheduler

Switch from BFQ to another I/O scheduler like deadline or noop

echo deadline > /sys/block/[device]/queue/scheduler

🧯 If You Can't Patch

  • Restrict local user access to systems with BFQ enabled
  • Implement strict access controls and monitoring for local privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

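Check the kernel version with uname -r, then check whether BFQ is the active scheduler on any block device by reading /sys/block/*/queue/scheduler (the active scheduler is the one shown in square brackets).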

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is 5.6.5 or later: uname -r
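
The two checks above combined into one script, as an added example that is not part of the original advisory. The function names (ver_num, bfq_active_devices, check_bfq_uaf) are hypothetical. It assumes upstream version numbering: a distribution kernel with a lower version may already carry a backported fix, so confirm against the vendor advisory.

```shell
#!/bin/sh
# Added example: exposure check for the BFQ use-after-free (fixed in 5.6.5).
# Assumption: upstream version numbers; distro kernels may backport the fix.

# ver_num "5.4.0-42-generic" -> one comparable integer built from 5.4.0
ver_num() {
    v=${1%%[!0-9.]*}                 # drop the "-42-generic" style suffix
    IFS=. read -r maj min pat _ <<EOF
$v
EOF
    echo $(( ${maj:-0} * 100000000 + ${min:-0} * 10000 + ${pat:-0} ))
}

# Print every block device under $1 whose *active* scheduler is bfq.
# The sysfs file lists all available schedulers; the active one is bracketed,
# e.g. "mq-deadline kyber [bfq] none".
bfq_active_devices() {
    for f in "$1"/*/queue/scheduler; do
        [ -r "$f" ] || continue
        case $(cat "$f") in
            *"[bfq]"*) dev=${f%/queue/scheduler}; echo "${dev##*/}" ;;
        esac
    done
}

# check_bfq_uaf RELEASE [SYSBLOCK] prints one of:
#   patched | exposed: <devices> | bfq-inactive
check_bfq_uaf() {
    release=$1
    sysblock=${2:-/sys/block}
    if [ "$(ver_num "$release")" -ge "$(ver_num 5.6.5)" ]; then
        echo "patched"
        return 0
    fi
    devs=$(bfq_active_devices "$sysblock" | tr '\n' ' ')
    if [ -n "$devs" ]; then
        echo "exposed: ${devs% }"    # old kernel and bfq in use
    else
        echo "bfq-inactive"          # old kernel, but bfq not selected
    fi
}

check_bfq_uaf "$(uname -r)" /sys/block
```

A "bfq-inactive" result only reflects the current setting: any user able to write to the scheduler file can select bfq again, so the kernel update is still required.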

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • OOM killer activity
  • System crash/reboot logs

Network Indicators:

  • None - local exploit only

SIEM Query:

Search for kernel panic or system crash events in system logs
