CVE-2020-8832

EPSS 0.59%
Published 10.04.2020 00:15:11
Last modified 21.11.2024 05:39:31
Source security@ubuntu.com
Teams watchlist Login
Open Login

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

Affected products Warnungen 0 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Netapp ≫ Cloud Backup Version-

Netapp ≫ Solidfire & Hci Management Node Version-

Netapp ≫ Steelstore Cloud Integrated Storage Version-

Netapp ≫ Aff 8300 Firmware Version-

Netapp ≫ Aff 8300 Version-

Netapp ≫ Aff 8700 Firmware Version-

Netapp ≫ Aff 8700 Version-

Netapp ≫ Aff A220 Firmware Version-

Netapp ≫ Aff A220 Version-

Netapp ≫ Aff A320 Firmware Version-

Netapp ≫ Aff A320 Version-

Netapp ≫ Aff A400 Firmware Version-

Netapp ≫ Aff A400 Version-

Netapp ≫ Aff A700s Firmware Version-

Netapp ≫ Aff A700s Version-

Netapp ≫ Aff C190 Firmware Version-

Netapp ≫ Aff C190 Version-

Netapp ≫ H300e Firmware Version-

Netapp ≫ H300e Version-

Netapp ≫ H300s Firmware Version-

Netapp ≫ H300s Version-

Netapp ≫ H410c Firmware Version-

Netapp ≫ H410c Version-

Netapp ≫ H410s Firmware Version-

Netapp ≫ H410s Version-

Netapp ≫ H500e Firmware Version-

Netapp ≫ H500e Version-

Netapp ≫ H500s Firmware Version-

Netapp ≫ H500s Version-

Netapp ≫ H610c Firmware Version-

Netapp ≫ H610c Version-

Netapp ≫ H610s Firmware Version-

Netapp ≫ H610s Version-

Netapp ≫ H615c Firmware Version-

Netapp ≫ H615c Version-

Netapp ≫ H700e Firmware Version-

Netapp ≫ H700e Version-

Netapp ≫ H700s Firmware Version-

Netapp ≫ H700s Version-

Netapp ≫ Fas2720 Firmware Version-

Netapp ≫ Fas2720 Version-

Netapp ≫ Fas2750 Firmware Version-

Netapp ≫ Fas2750 Version-

Netapp ≫ Fas8300 Firmware Version-

Netapp ≫ Fas8300 Version-

Netapp ≫ Fas8700 Firmware Version-

Netapp ≫ Fas8700 Version-

Netapp ≫ Fas Baseboard Management Controller A220 Firmware Version-

Netapp ≫ Fas Baseboard Management Controller A220 Version-

Netapp ≫ Fas Baseboard Management Controller A320 Firmware Version-

Netapp ≫ Fas Baseboard Management Controller A320 Version-

Netapp ≫ Fas Baseboard Management Controller A400 Firmware Version-

Netapp ≫ Fas Baseboard Management Controller A400 Version-

Netapp ≫ Fas Baseboard Management Controller A800 Firmware Version-

Netapp ≫ Fas Baseboard Management Controller A800 Version-

Netapp ≫ Fas Baseboard Management Controller C190 Firmware Version-

Netapp ≫ Fas Baseboard Management Controller C190 Version-

Netapp ≫ Solidfire Baseboard Management Controller Firmware Version-

Netapp ≫ Solidfire Baseboard Management Controller Version-

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.59%	0.683

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N
security@ubuntu.com	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://security.netapp.com/advisory/ntap-20200430-0004/

Third Party Advisory

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840

Third Party Advisory

Issue Tracking

https://usn.ubuntu.com/usn/usn-4302-1

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8832

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8832

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8832

EUVD