7.8
CVE-2020-14356
- EPSS 0.97%
- Veröffentlicht 19.08.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:03:05
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.5 < 4.9.231
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.189
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.134
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.53
Linux ≫ Linux Kernel Version >= 5.5 < 5.7.10
Redhat ≫ Enterprise Linux Version8.0
Debian ≫ Debian Linux Version9.0
Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts
Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere
Netapp ≫ Cloud Backup Version-
Netapp ≫ Hci Management Node Version-
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.97% | 0.57 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
https://usn.ubuntu.com/4526-1/
https://usn.ubuntu.com/4483-1/
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html
https://bugzilla.kernel.org/show_bug.cgi?id=208003
https://bugzilla.redhat.com/show_bug.cgi?id=1868453
https://lore.kernel.org/netdev/CAM_iQpUKQJrj8wE+Qa8NGR3P0L+5Uz=qo-O5+k_P60HzTde6aw%40mail.gmail.com/t/
https://security.netapp.com/advisory/ntap-20200904-0002/
https://usn.ubuntu.com/4484-1/