CVE-2020-35501 log

Source
Severity Low
Remote No
Type Insufficient validation
Description
A security issue was found in the Linux kernel. The open_by_handle_at syscall is not covered by the current file watch implementation of Auditd. This allows a local attacker with elevated privileges (CAP_DAC_READ_SEARCH capability) to read and modify files without being noticed by the implemented Auditd file watches.
Group Package Affected Fixed Severity Status Ticket
AVG-1594 linux 5.11.1.arch1-1 Low Vulnerable
References
https://www.openwall.com/lists/oss-security/2021/02/18/1
https://www.openwall.com/lists/oss-security/2021/02/18/3
Notes
The validity of this CVE is disputed.