CVE-2020-25656

{"id": "CVE-2020-25656", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.5}]}, "published": "2020-12-02T01:15:12.607", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888726", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lkml.org/lkml/2020/10/16/84", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lkml.org/lkml/2020/10/29/528", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.starwindsoftware.com/security/sw-20210325-0006/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888726", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lkml.org/lkml/2020/10/16/84", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lkml.org/lkml/2020/10/29/528", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.starwindsoftware.com/security/sw-20210325-0006/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-416"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en el kernel de Linux. Se encontr\u00f3 un uso de la memoria previamente liberada en la manera en que el subsistema de la consola estaba usando ioctls KDGKBSENT y KDSKBSENT. Un usuario local podr\u00eda usar este fallo para obtener acceso a la memoria de lectura fuera de los l\u00edmites. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos"}], "lastModified": "2024-11-21T05:18:22.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D61CA62B-157A-4415-B8FD-7C3C1208315D", "versionEndExcluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DD7EB1D-064C-4DB9-AD34-D8EF78312C17"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*", "vulnerable": true, "matchCriteriaId": "0E5C2815-65C8-48D7-BF31-6104EDD0CBE5"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*", "vulnerable": true, "matchCriteriaId": "6FF4A265-AFFD-4853-B3CE-A55E950E8B5B"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*", "vulnerable": true, "matchCriteriaId": "E6484296-5BA8-408A-A087-A0D86BA50703"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*", "vulnerable": true, "matchCriteriaId": "5D31D4A3-7D1E-472F-9BB6-AF889DA7C763"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*", "vulnerable": true, "matchCriteriaId": "F67B6B43-FF39-4B05-8704-EDFCED4117E6"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*", "vulnerable": true, "matchCriteriaId": "C79FA879-7855-467B-A98D-7D914940F9D3"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}