4.1

CVE-2020-25656

Exploit

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.

Data is provided by the National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10
LinuxLinux Kernel Version5.10 Updaterc1
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
DebianDebian Linux Version9.0
StarwindsoftwareStarwind Virtual San Versionv8 Updatebuild12533 SwPlatformvsphere
StarwindsoftwareStarwind Virtual San Versionv8 Updatebuild12658 SwPlatformvsphere
StarwindsoftwareStarwind Virtual San Versionv8 Updatebuild12859 SwPlatformvsphere
StarwindsoftwareStarwind Virtual San Versionv8 Updatebuild13170 SwPlatformvsphere
StarwindsoftwareStarwind Virtual San Versionv8 Updatebuild13586 SwPlatformvsphere
StarwindsoftwareStarwind Virtual San Versionv8 Updatebuild13861 SwPlatformvsphere
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.01% 0.008
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.1 0.5 3.6
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:P/I:N/A:N
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://bugzilla.redhat.com/show_bug.cgi?id=1888726
Patch
Third Party Advisory
Exploit
Issue Tracking
https://lkml.org/lkml/2020/10/16/84
Third Party Advisory
Exploit
Mailing List
https://lkml.org/lkml/2020/10/29/528
Patch
Third Party Advisory
Mailing List