Lucene search

K
f5F5F5:K42355373
HistoryMar 01, 2021 - 12:00 a.m.

K42355373 : Linux NFS kernel vulnerablity CVE-2020-25212

2021-03-0100:00:00
my.f5.com
31

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Security Advisory Description

A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. (CVE-2020-25212)

Impact

The specified products contain the affected code. However, F5 identifies this vulnerability with the not vulnerable status because the attacker cannot exploit the code in default, standard, or recommended configurations.