Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-466
Vulnerability from certfr_avis - Published: 2020-07-28 - Updated: 2020-07-28
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19036",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19036"
},
{
"name": "CVE-2019-19462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19462"
},
{
"name": "CVE-2020-10732",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10732"
},
{
"name": "CVE-2020-13974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13974"
},
{
"name": "CVE-2020-10767",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10767"
},
{
"name": "CVE-2019-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12380"
},
{
"name": "CVE-2020-10768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10768"
},
{
"name": "CVE-2020-15780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15780"
},
{
"name": "CVE-2019-16089",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16089"
},
{
"name": "CVE-2019-20908",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20908"
},
{
"name": "CVE-2020-11935",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11935"
},
{
"name": "CVE-2020-10766",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10766"
},
{
"name": "CVE-2020-10757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10757"
},
{
"name": "CVE-2019-20810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20810"
}
],
"initial_release_date": "2020-07-28T00:00:00",
"last_revision_date": "2020-07-28T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-466",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4440-1 du 27 juillet 2020",
"url": "https://ubuntu.com/security/notices/USN-4440-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4439-1 du 27 juillet 2020",
"url": "https://ubuntu.com/security/notices/USN-4439-1"
}
]
}
CVE-2020-10768 (GCVE-0-2020-10768)
Vulnerability from cvelistv5 – Published: 2020-09-15 23:13 – Updated: 2024-08-04 11:14
VLAI
EPSS
Summary
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.
Severity
5.5 (Medium)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Linux Kernel | kernel |
Affected:
before 5.8-rc1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:14:15.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "Linux Kernel",
"versions": [
{
"status": "affected",
"version": "before 5.8-rc1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-440",
"description": "CWE-440",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-15T23:13:30.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-10768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "before 5.8-rc1"
}
]
}
}
]
},
"vendor_name": "Linux Kernel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-440"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-10768",
"datePublished": "2020-09-15T23:13:30.000Z",
"dateReserved": "2020-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:14:15.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11935 (GCVE-0-2020-11935)
Vulnerability from cvelistv5 – Published: 2023-04-07 00:00 – Updated: 2024-08-04 11:42
VLAI
EPSS
Title
aufs: improperly managed inode reference counts in the vfsub_dentry_open() method
Summary
It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.
Severity
4.4 (Medium)
CWE
- CWE-911 - Improper Update of Reference Count
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ubuntu.com/security/CVE-2020-11935 | vendor-advisory |
| https://bugs.launchpad.net/bugs/1873074 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubuntu | Linux kernel (aufs filesystem module) |
Unaffected:
4.4.0-186.216 , < 4.4*
(custom)
Unaffected: 4.15.0-112.113 , < 4.15* (custom) Unaffected: 5.4.0-42.46 , < 5.4* (custom) |
Credits
Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Ubuntu Security CVE-2020-11935",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2020-11935"
},
{
"name": "Launchpad Bug 1873074",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://bugs.launchpad.net/bugs/1873074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel (aufs filesystem module)",
"vendor": "Ubuntu",
"versions": [
{
"lessThan": "4.4*",
"status": "unaffected",
"version": "4.4.0-186.216",
"versionType": "custom"
},
{
"lessThan": "4.15*",
"status": "unaffected",
"version": "4.15.0-112.113",
"versionType": "custom"
},
{
"lessThan": "5.4*",
"status": "unaffected",
"version": "5.4.0-42.46",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service."
}
],
"descriptions": [
{
"lang": "en",
"value": "It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-911",
"description": "CWE-911 Improper Update of Reference Count",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-07T00:00:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "Ubuntu Security CVE-2020-11935",
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/CVE-2020-11935"
},
{
"name": "Launchpad Bug 1873074",
"tags": [
"vendor-advisory"
],
"url": "https://bugs.launchpad.net/bugs/1873074"
}
],
"source": {
"defect": [
"LP#1873074"
],
"discovery": "USER"
},
"title": "aufs: improperly managed inode reference counts in the vfsub_dentry_open() method",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2020-11935",
"datePublished": "2023-04-07T00:00:00.000Z",
"dateReserved": "2020-04-20T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:42:00.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13974 (GCVE-0-2020-13974)
Vulnerability from cvelistv5 – Published: 2020-06-09 04:06 – Updated: 2024-08-04 12:32
VLAI
EPSS
Summary
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://usn.ubuntu.com/4427-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4439-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4440-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4483-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4485-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://lkml.org/lkml/2020/3/22/482 | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0935",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"
},
{
"name": "USN-4427-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4427-1/"
},
{
"name": "USN-4439-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"name": "USN-4440-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4440-1/"
},
{
"name": "openSUSE-SU-2020:1153",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
},
{
"name": "USN-4483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4483-1/"
},
{
"name": "USN-4485-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4485-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lkml.org/lkml/2020/3/22/482"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad0bf9ce93fa40b667eccd3306783f4db4b932b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:14:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2020:0935",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"
},
{
"name": "USN-4427-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4427-1/"
},
{
"name": "USN-4439-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"name": "USN-4440-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4440-1/"
},
{
"name": "openSUSE-SU-2020:1153",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
},
{
"name": "USN-4483-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4483-1/"
},
{
"name": "USN-4485-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4485-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lkml.org/lkml/2020/3/22/482"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad0bf9ce93fa40b667eccd3306783f4db4b932b"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0935",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"
},
{
"name": "USN-4427-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4427-1/"
},
{
"name": "USN-4439-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"name": "USN-4440-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4440-1/"
},
{
"name": "openSUSE-SU-2020:1153",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
},
{
"name": "USN-4483-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4483-1/"
},
{
"name": "USN-4485-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4485-1/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
},
{
"name": "https://lkml.org/lkml/2020/3/22/482",
"refsource": "MISC",
"url": "https://lkml.org/lkml/2020/3/22/482"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad0bf9ce93fa40b667eccd3306783f4db4b932b",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad0bf9ce93fa40b667eccd3306783f4db4b932b"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13974",
"datePublished": "2020-06-09T04:06:41.000Z",
"dateReserved": "2020-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15780 (GCVE-0-2020-15780)
Vulnerability from cvelistv5 – Published: 2020-07-15 21:24 – Updated: 2024-08-04 13:22
VLAI
EPSS
Summary
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
14 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:22:30.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/06/15/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7"
},
{
"name": "[oss-security] 20200720 Re: Re: lockdown bypass on mainline kernel for loading unsigned modules",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/20/7"
},
{
"name": "[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"
},
{
"name": "[oss-security] 20200730 Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/3"
},
{
"name": "[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/2"
},
{
"name": "USN-4425-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4425-1/"
},
{
"name": "USN-4439-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"name": "USN-4426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4426-1/"
},
{
"name": "USN-4440-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4440-1/"
},
{
"name": "openSUSE-SU-2020:1153",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"name": "openSUSE-SU-2020:1236",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T05:06:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/06/15/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7"
},
{
"name": "[oss-security] 20200720 Re: Re: lockdown bypass on mainline kernel for loading unsigned modules",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/20/7"
},
{
"name": "[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"
},
{
"name": "[oss-security] 20200730 Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/3"
},
{
"name": "[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/2"
},
{
"name": "USN-4425-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4425-1/"
},
{
"name": "USN-4439-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"name": "USN-4426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4426-1/"
},
{
"name": "USN-4440-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4440-1/"
},
{
"name": "openSUSE-SU-2020:1153",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"name": "openSUSE-SU-2020:1236",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh",
"refsource": "MISC",
"url": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/06/15/3",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/06/15/3"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354"
},
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7"
},
{
"name": "[oss-security] 20200720 Re: Re: lockdown bypass on mainline kernel for loading unsigned modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/20/7"
},
{
"name": "[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/29/3"
},
{
"name": "[oss-security] 20200730 Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/3"
},
{
"name": "[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/30/2"
},
{
"name": "USN-4425-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4425-1/"
},
{
"name": "USN-4439-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4439-1/"
},
{
"name": "USN-4426-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4426-1/"
},
{
"name": "USN-4440-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4440-1/"
},
{
"name": "openSUSE-SU-2020:1153",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"name": "openSUSE-SU-2020:1236",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15780",
"datePublished": "2020-07-15T21:24:16.000Z",
"dateReserved": "2020-07-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T13:22:30.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…