Vulnerability-Lookup

WID-SEC-W-2022-1614

Vulnerability from csaf_certbund - Published: 2020-05-10 22:00 - Updated: 2025-12-09 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff oder einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff oder einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-1614 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1614.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-1614 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1614"
      },
      {
        "category": "external",
        "summary": "NATIONAL VULNERABILITY DATABASE vom 2020-05-10",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12771"
      },
      {
        "category": "external",
        "summary": "NATIONAL VULNERABILITY DATABASE vom 2020-05-10",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12770"
      },
      {
        "category": "external",
        "summary": "NATIONAL VULNERABILITY DATABASE vom 2020-05-10",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12768"
      },
      {
        "category": "external",
        "summary": "NATIONAL VULNERABILITY DATABASE vom 2020-05-10",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20794"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1587-1 vom 2020-06-10",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006912.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4699-1 vom 2020-06-09",
        "url": "https://lists.debian.org/debian-security-announce/2020/msg00103.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4698-1 vom 2020-06-09",
        "url": "https://lists.debian.org/debian-security-announce/2020/msg00102.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1603-1 vom 2020-06-11",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006927.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006930.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA 2241 vom 2020-06-10",
        "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202006/msg00013.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006924.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006932.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006921.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006928.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006929.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:1604-1 vom 2020-06-11",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006931.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA 2242 vom 2020-06-10",
        "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202006/msg00012.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4411-1 vom 2020-07-03",
        "url": "https://usn.ubuntu.com/4411-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4413-1 vom 2020-07-03",
        "url": "https://ubuntu.com/security/notices/USN-4413-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4414-1 vom 2020-07-03",
        "url": "https://ubuntu.com/security/notices/USN-4414-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4412-1 vom 2020-07-03",
        "url": "https://usn.ubuntu.com/4412-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4413-1 vom 2020-07-03",
        "url": "https://usn.ubuntu.com/4413-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4419-1 vom 2020-07-06",
        "url": "https://ubuntu.com/security/notices/USN-4419-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4419-1 vom 2020-07-06",
        "url": "https://usn.ubuntu.com/4419-1/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2027-1 vom 2020-07-23",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-July/007172.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2106-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007214.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2105-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007213.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2105-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007215.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2107-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007216.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2107-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007212.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2106-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007209.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2103-1 vom 2020-08-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007208.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2122-1 vom 2020-08-05",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007224.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2122-1 vom 2020-08-05",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007225.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2121-1 vom 2020-08-04",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007219.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2119-1 vom 2020-08-04",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007218.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2121-1 vom 2020-08-04",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007220.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2134-1 vom 2020-08-05",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007227.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2152-1 vom 2020-08-06",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007235.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2156-1 vom 2020-08-07",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007238.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-2323 vom 2020-08-12",
        "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00019.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4462-1 vom 2020-08-18",
        "url": "https://usn.ubuntu.com/4462-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4463-1 vom 2020-08-18",
        "url": "https://usn.ubuntu.com/4463-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4465-1 vom 2020-08-19",
        "url": "https://ubuntu.com/security/notices/USN-4465-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4483-1 vom 2020-09-02",
        "url": "https://usn.ubuntu.com/4483-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4485-1 vom 2020-09-02",
        "url": "https://usn.ubuntu.com/4485-1/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2478-1 vom 2020-09-03",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007345.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2487-1 vom 2020-09-04",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007352.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4526-1 vom 2020-09-22",
        "url": "https://ubuntu.com/security/notices/USN-4526-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4062 vom 2020-09-29",
        "url": "https://access.redhat.com/errata/RHSA-2020:4062"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4060 vom 2020-09-29",
        "url": "https://access.redhat.com/errata/RHSA-2020:4060"
      },
      {
        "category": "external",
        "summary": "AVAYA Security Advisory ASA-2020-140 vom 2020-10-14",
        "url": "https://downloads.avaya.com/css/P8/documents/101071393"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-2420 vom 2020-10-30",
        "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202010/msg00032.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-2420 vom 2020-10-31",
        "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202010/msg00034.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4431 vom 2020-11-04",
        "url": "https://access.redhat.com/errata/RHSA-2020:4431"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4609 vom 2020-11-04",
        "url": "https://access.redhat.com/errata/RHSA-2020:4609"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:5206 vom 2020-11-24",
        "url": "https://access.redhat.com/errata/RHSA-2020:5206"
      },
      {
        "category": "external",
        "summary": "AVAYA Security Advisory ASA-2020-155 vom 2020-12-08",
        "url": "https://downloads.avaya.com/css/P8/documents/101072832"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:5430 vom 2020-12-15",
        "url": "https://access.redhat.com/errata/RHSA-2020:5430"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:5656 vom 2020-12-22",
        "url": "https://access.redhat.com/errata/RHSA-2020:5656"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3179-1 vom 2021-09-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-September/009475.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3217-1 vom 2021-09-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-September/009503.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3205-1 vom 2021-09-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-September/009505.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3206-1 vom 2021-09-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-September/009499.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-9473 vom 2021-10-08",
        "url": "http://linux.oracle.com/errata/ELSA-2021-9473.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2021-0035 vom 2021-10-12",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-October/001033.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3415-1 vom 2021-10-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-October/009591.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3205-2 vom 2021-10-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-October/009590.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3876-1 vom 2021-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009810.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3969-1 vom 2021-12-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009871.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:3972-1 vom 2021-12-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009872.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2022-013 vom 2022-01-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-013.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2022-012 vom 2022-01-31",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-012.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:14905-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010396.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9852 vom 2022-10-04",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9852.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2022-0026 vom 2022-10-11",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2022-October/001062.html"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20200608-0001 vom 2025-12-10",
        "url": "https://security.netapp.com/advisory/NTAP-20200608-0001"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-12-09T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-10T07:50:36.551+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2022-1614",
      "initial_release_date": "2020-05-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2020-05-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2020-05-12T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: FEDORA-2020-4C69987C40"
        },
        {
          "date": "2020-05-17T22:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: FEDORA-2020-C6B9FFF7F8, FEDORA-2020-5A69DECC0C"
        },
        {
          "date": "2020-06-09T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE und Debian aufgenommen"
        },
        {
          "date": "2020-06-11T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE und Debian aufgenommen"
        },
        {
          "date": "2020-07-02T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-07-06T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-07-23T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-08-03T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-08-04T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-08-05T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-08-06T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-08-12T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2020-08-17T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-08-18T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-09-01T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-09-03T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-09-06T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-09-21T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-09-29T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-10-13T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von AVAYA aufgenommen"
        },
        {
          "date": "2020-11-01T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2020-11-03T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-11-23T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-12-09T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von AVAYA aufgenommen"
        },
        {
          "date": "2020-12-14T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-12-21T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-09-21T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-09-23T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-10-10T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2021-10-11T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von ORACLE aufgenommen"
        },
        {
          "date": "2021-10-13T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-12-02T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-12-07T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-12-08T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-01-30T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2022-03-08T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-10-04T22:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-10-11T22:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von ORACLE aufgenommen"
        },
        {
          "date": "2025-12-09T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von NetApp aufgenommen"
        }
      ],
      "status": "final",
      "version": "40"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Avaya Aura Application Enablement Services",
            "product": {
              "name": "Avaya Aura Application Enablement Services",
              "product_id": "T015516",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Communication Manager",
            "product": {
              "name": "Avaya Aura Communication Manager",
              "product_id": "T015126",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:communication_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Experience Portal",
            "product": {
              "name": "Avaya Aura Experience Portal",
              "product_id": "T015519",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_experience_portal:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Session Manager",
            "product": {
              "name": "Avaya Aura Session Manager",
              "product_id": "T015127",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:session_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura System Manager",
            "product": {
              "name": "Avaya Aura System Manager",
              "product_id": "T015518",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_system_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Web License Manager",
            "product": {
              "name": "Avaya Web License Manager",
              "product_id": "T016243",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:web_license_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Avaya"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp ActiveIQ Unified Manager",
            "product": {
              "name": "NetApp ActiveIQ Unified Manager",
              "product_id": "T025152",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=5.6.11",
                "product": {
                  "name": "Open Source Linux Kernel \u003c=5.6.11",
                  "product_id": "T016498"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=5.6.11",
                "product": {
                  "name": "Open Source Linux Kernel \u003c=5.6.11",
                  "product_id": "T016498-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-20794",
      "product_status": {
        "known_affected": [
          "T015519",
          "T025152",
          "T015518",
          "67646",
          "T015516",
          "T015127",
          "T015126",
          "T004914",
          "T016498",
          "T016243",
          "2951",
          "T002207",
          "T000126",
          "398363"
        ]
      },
      "release_date": "2020-05-10T22:00:00.000+00:00",
      "title": "CVE-2019-20794"
    },
    {
      "cve": "CVE-2020-12768",
      "product_status": {
        "known_affected": [
          "T015519",
          "T025152",
          "T015518",
          "67646",
          "T015516",
          "T015127",
          "T015126",
          "T004914",
          "T016498",
          "T016243",
          "2951",
          "T002207",
          "T000126",
          "398363"
        ]
      },
      "release_date": "2020-05-10T22:00:00.000+00:00",
      "title": "CVE-2020-12768"
    },
    {
      "cve": "CVE-2020-12770",
      "product_status": {
        "known_affected": [
          "T015519",
          "T025152",
          "T015518",
          "67646",
          "T015516",
          "T015127",
          "T015126",
          "T004914",
          "T016498",
          "T016243",
          "2951",
          "T002207",
          "T000126",
          "398363"
        ]
      },
      "release_date": "2020-05-10T22:00:00.000+00:00",
      "title": "CVE-2020-12770"
    },
    {
      "cve": "CVE-2020-12771",
      "product_status": {
        "known_affected": [
          "T015519",
          "T025152",
          "T015518",
          "67646",
          "T015516",
          "T015127",
          "T015126",
          "T004914",
          "T016498",
          "T016243",
          "2951",
          "T002207",
          "T000126",
          "398363"
        ]
      },
      "release_date": "2020-05-10T22:00:00.000+00:00",
      "title": "CVE-2020-12771"
    }
  ]
}

CVE-2020-12768 (GCVE-0-2020-12768)

Vulnerability from cvelistv5 – Published: 2020-05-09 20:16 – Updated: 2024-08-04 12:04 Disputed

Summary

An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://git.kernel.org/pub/scm/linux/kernel/git/t…	x_refsource_CONFIRM
	https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan…	x_refsource_CONFIRM
	https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3	x_refsource_MISC
	https://www.debian.org/security/2020/dsa-4699	vendor-advisoryx_refsource_DEBIAN
	https://usn.ubuntu.com/4413-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4411-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4412-1/	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:04:22.878Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d80b64ff297e40c2b6f7d7abc1b3eba70d22a068"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3"
          },
          {
            "name": "DSA-4699",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4699"
          },
          {
            "name": "USN-4413-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4413-1/"
          },
          {
            "name": "USN-4411-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4411-1/"
          },
          {
            "name": "USN-4412-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4412-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it\u0027s a one-time leak at the boot, the size is negligible, and it can\u0027t be triggered at will"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-15T18:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d80b64ff297e40c2b6f7d7abc1b3eba70d22a068"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3"
        },
        {
          "name": "DSA-4699",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4699"
        },
        {
          "name": "USN-4413-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4413-1/"
        },
        {
          "name": "USN-4411-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4411-1/"
        },
        {
          "name": "USN-4412-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4412-1/"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-12768",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it\u0027s a one-time leak at the boot, the size is negligible, and it can\u0027t be triggered at will."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d80b64ff297e40c2b6f7d7abc1b3eba70d22a068",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d80b64ff297e40c2b6f7d7abc1b3eba70d22a068"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3",
              "refsource": "MISC",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3"
            },
            {
              "name": "DSA-4699",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4699"
            },
            {
              "name": "USN-4413-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4413-1/"
            },
            {
              "name": "USN-4411-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4411-1/"
            },
            {
              "name": "USN-4412-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4412-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-12768",
    "datePublished": "2020-05-09T20:16:53",
    "dateReserved": "2020-05-09T00:00:00",
    "dateUpdated": "2024-08-04T12:04:22.878Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-12771 (GCVE-0-2020-12771)

Vulnerability from cvelistv5 – Published: 2020-05-09 20:16 – Updated: 2024-08-04 12:04

Summary

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://usn.ubuntu.com/4463-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4465-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4462-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4483-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4485-1/	vendor-advisoryx_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2020060…	x_refsource_CONFIRM
	https://lkml.org/lkml/2020/4/26/87	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:04:22.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:1062",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html"
          },
          {
            "name": "openSUSE-SU-2020:1153",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
          },
          {
            "name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
          },
          {
            "name": "USN-4463-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4463-1/"
          },
          {
            "name": "USN-4465-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4465-1/"
          },
          {
            "name": "USN-4462-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4462-1/"
          },
          {
            "name": "USN-4483-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4483-1/"
          },
          {
            "name": "USN-4485-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4485-1/"
          },
          {
            "name": "[debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html"
          },
          {
            "name": "[debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2020/4/26/87"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-14T17:20:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:1062",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html"
        },
        {
          "name": "openSUSE-SU-2020:1153",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
        },
        {
          "name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
        },
        {
          "name": "USN-4463-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4463-1/"
        },
        {
          "name": "USN-4465-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4465-1/"
        },
        {
          "name": "USN-4462-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4462-1/"
        },
        {
          "name": "USN-4483-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4483-1/"
        },
        {
          "name": "USN-4485-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4485-1/"
        },
        {
          "name": "[debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html"
        },
        {
          "name": "[debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://lkml.org/lkml/2020/4/26/87"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-12771",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:1062",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html"
            },
            {
              "name": "openSUSE-SU-2020:1153",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
            },
            {
              "name": "[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html"
            },
            {
              "name": "USN-4463-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4463-1/"
            },
            {
              "name": "USN-4465-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4465-1/"
            },
            {
              "name": "USN-4462-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4462-1/"
            },
            {
              "name": "USN-4483-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4483-1/"
            },
            {
              "name": "USN-4485-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4485-1/"
            },
            {
              "name": "[debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html"
            },
            {
              "name": "[debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200608-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
            },
            {
              "name": "https://lkml.org/lkml/2020/4/26/87",
              "refsource": "CONFIRM",
              "url": "https://lkml.org/lkml/2020/4/26/87"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-12771",
    "datePublished": "2020-05-09T20:16:20",
    "dateReserved": "2020-05-09T00:00:00",
    "dateUpdated": "2024-08-04T12:04:22.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-12770 (GCVE-0-2020-12770)

Vulnerability from cvelistv5 – Published: 2020-05-09 20:16 – Updated: 2024-08-04 12:04

Summary

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://lkml.org/lkml/2020/4/13/870	x_refsource_CONFIRM
	https://git.kernel.org/pub/scm/linux/kernel/git/t…	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://security.netapp.com/advisory/ntap-2020060…	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://www.debian.org/security/2020/dsa-4698	vendor-advisoryx_refsource_DEBIAN
	https://www.debian.org/security/2020/dsa-4699	vendor-advisoryx_refsource_DEBIAN
	https://usn.ubuntu.com/4413-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4411-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4412-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4419-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4414-1/	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:04:22.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2020/4/13/870"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee"
          },
          {
            "name": "FEDORA-2020-4c69987c40",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R54VC7B6MDYKP57AWC2HN7AUJYH62RKI/"
          },
          {
            "name": "FEDORA-2020-c6b9fff7f8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF/"
          },
          {
            "name": "FEDORA-2020-5a69decc0c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IO5XIQSRI747P4RVVTNX7TUPEOCF4OPU/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
          },
          {
            "name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"
          },
          {
            "name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html"
          },
          {
            "name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"
          },
          {
            "name": "DSA-4698",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4698"
          },
          {
            "name": "DSA-4699",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4699"
          },
          {
            "name": "USN-4413-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4413-1/"
          },
          {
            "name": "USN-4411-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4411-1/"
          },
          {
            "name": "USN-4412-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4412-1/"
          },
          {
            "name": "USN-4419-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4419-1/"
          },
          {
            "name": "USN-4414-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4414-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-29T18:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://lkml.org/lkml/2020/4/13/870"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee"
        },
        {
          "name": "FEDORA-2020-4c69987c40",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R54VC7B6MDYKP57AWC2HN7AUJYH62RKI/"
        },
        {
          "name": "FEDORA-2020-c6b9fff7f8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF/"
        },
        {
          "name": "FEDORA-2020-5a69decc0c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IO5XIQSRI747P4RVVTNX7TUPEOCF4OPU/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
        },
        {
          "name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"
        },
        {
          "name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html"
        },
        {
          "name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"
        },
        {
          "name": "DSA-4698",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4698"
        },
        {
          "name": "DSA-4699",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4699"
        },
        {
          "name": "USN-4413-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4413-1/"
        },
        {
          "name": "USN-4411-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4411-1/"
        },
        {
          "name": "USN-4412-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4412-1/"
        },
        {
          "name": "USN-4419-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4419-1/"
        },
        {
          "name": "USN-4414-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4414-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-12770",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lkml.org/lkml/2020/4/13/870",
              "refsource": "CONFIRM",
              "url": "https://lkml.org/lkml/2020/4/13/870"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee"
            },
            {
              "name": "FEDORA-2020-4c69987c40",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R54VC7B6MDYKP57AWC2HN7AUJYH62RKI/"
            },
            {
              "name": "FEDORA-2020-c6b9fff7f8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF/"
            },
            {
              "name": "FEDORA-2020-5a69decc0c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IO5XIQSRI747P4RVVTNX7TUPEOCF4OPU/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200608-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
            },
            {
              "name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"
            },
            {
              "name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html"
            },
            {
              "name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"
            },
            {
              "name": "DSA-4698",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4698"
            },
            {
              "name": "DSA-4699",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4699"
            },
            {
              "name": "USN-4413-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4413-1/"
            },
            {
              "name": "USN-4411-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4411-1/"
            },
            {
              "name": "USN-4412-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4412-1/"
            },
            {
              "name": "USN-4419-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4419-1/"
            },
            {
              "name": "USN-4414-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4414-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-12770",
    "datePublished": "2020-05-09T20:16:36",
    "dateReserved": "2020-05-09T00:00:00",
    "dateUpdated": "2024-08-04T12:04:22.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-20794 (GCVE-0-2019-20794)

Vulnerability from cvelistv5 – Published: 2020-05-09 17:35 – Updated: 2024-08-05 02:53

Summary

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/sargun/fuse-example	x_refsource_MISC
	https://sourceforge.net/p/fuse/mailman/message/36…	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2020060…	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2020/08/24/1	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:53:09.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/sargun/fuse-example"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/fuse/mailman/message/36598753/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
          },
          {
            "name": "[oss-security] 20200824 CVE-2019-20794 kernel: task processes not being properly ended could lead to resource exhaustion",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/08/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace\u0027s pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-24T11:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/sargun/fuse-example"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceforge.net/p/fuse/mailman/message/36598753/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
        },
        {
          "name": "[oss-security] 20200824 CVE-2019-20794 kernel: task processes not being properly ended could lead to resource exhaustion",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/08/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-20794",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace\u0027s pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/sargun/fuse-example",
              "refsource": "MISC",
              "url": "https://github.com/sargun/fuse-example"
            },
            {
              "name": "https://sourceforge.net/p/fuse/mailman/message/36598753/",
              "refsource": "MISC",
              "url": "https://sourceforge.net/p/fuse/mailman/message/36598753/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200608-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
            },
            {
              "name": "[oss-security] 20200824 CVE-2019-20794 kernel: task processes not being properly ended could lead to resource exhaustion",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/08/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-20794",
    "datePublished": "2020-05-09T17:35:50",
    "dateReserved": "2020-05-09T00:00:00",
    "dateUpdated": "2024-08-05T02:53:09.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2022-1614

CVE-2020-12768 (GCVE-0-2020-12768)

CVE-2020-12771 (GCVE-0-2020-12771)

CVE-2020-12770 (GCVE-0-2020-12770)

CVE-2019-20794 (GCVE-0-2019-20794)

Tags

Sightings

Nomenclature