What is GHSA-w2fw-m3gj-2pvm?

GHSA-w2fw-m3gj-2pvm is a security advisory published by GitHub Security Advisories with Medium severity. An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is...

Which CVE IDs does GHSA-w2fw-m3gj-2pvm cover?

GHSA-w2fw-m3gj-2pvm covers the following CVE IDs: CVE-2020-29372. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-w2fw-m3gj-2pvm?

GHSA-w2fw-m3gj-2pvm has a CVSS v3 base score of 4.7, published by GitHub Security Advisories.

GHSA-w2fw-m3gj-2pvmMediumCVSS 4.7

An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is...

Vendor

GitHub Security Advisories

Published

May 24, 2022

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2020-29372 →

📋 Description

An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1e176e.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2020-29372
https://bugs.chromium.org/p/project-zero/issues/detail?id=2029
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0c4d1e176eeb614dc8734fc3ace34292771f11
http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html
https://project-zero.issues.chromium.org/issues/42451131
https://github.com/advisories/GHSA-w2fw-m3gj-2pvm