← Voltar para CVEs
CVE-2020-14356
HIGH7.8
Descricao
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
Detalhes CVE
Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado8/19/2020
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
canonical:ubuntu_linuxdebian:debian_linuxlinux:linux_kernelnetapp:active_iq_unified_managernetapp:cloud_backupnetapp:hci_management_nodenetapp:solidfirenetapp:solidfire_baseboard_management_controllernetapp:solidfire_baseboard_management_controller_firmwareopensuse:leapredhat:enterprise_linux
Fraquezas (CWE)
CWE-476
Referencias
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html(secalert@redhat.com)
https://bugzilla.kernel.org/show_bug.cgi?id=208003(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1868453(secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html(secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html(secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html(secalert@redhat.com)
https://lore.kernel.org/netdev/CAM_iQpUKQJrj8wE+Qa8NGR3P0L+5Uz=qo-O5+k_P60HzTde6aw%40mail.gmail.com/t/(secalert@redhat.com)
https://security.netapp.com/advisory/ntap-20200904-0002/(secalert@redhat.com)
https://usn.ubuntu.com/4483-1/(secalert@redhat.com)
https://usn.ubuntu.com/4484-1/(secalert@redhat.com)
https://usn.ubuntu.com/4526-1/(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.kernel.org/show_bug.cgi?id=208003(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1868453(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html(af854a3a-2127-422b-91ae-364da2661108)
https://lore.kernel.org/netdev/CAM_iQpUKQJrj8wE+Qa8NGR3P0L+5Uz=qo-O5+k_P60HzTde6aw%40mail.gmail.com/t/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20200904-0002/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4483-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4484-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4526-1/(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.