CVE-2020-8647: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free vulnerability was discovered in the Linux kernel through version 5.5.2, specifically in the vc_do_resize function located in drivers/tty/vt/vt.c. The vulnerability was disclosed in February 2020 and affects Linux kernel systems using the virtual terminal functionality (CVE Details, Debian Security).

The vulnerability exists in the virtual terminal (VT) implementation of the Linux kernel, specifically in the vc_do_resize function's handling of resize events. When a virtual console resize operation is performed, improper memory management can lead to a use-after-free condition. The vulnerability has been assigned a CVSS 3 Severity Score of 6.1 (Medium) (Ubuntu Security).

The vulnerability could allow a local attacker with access to virtual terminals to cause a denial of service through system crashes or memory corruption. In some cases, it might also lead to privilege escalation. The issue primarily affects systems where users have access to virtual console devices (/dev/tty1 etc.) (Debian LTS).

The vulnerability has been fixed in various Linux distributions through security updates. For example, Debian fixed this in version 3.16.84-1 for Debian 8 "Jessie", Ubuntu addressed it in multiple kernel versions across different releases, and OpenSUSE provided fixes in their security updates (Debian Security, Ubuntu Security).