A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.

🗓️ 25 Sep 2020 07:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 1 Views

Memory out-of-bounds read flaw in Linux kernel before 5.9-rc2 allows a local user to crash system.

Reporter	Title	Published	Views	Family All 340
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus	6 Oct 202101:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities.	22 Nov 202206:42	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in PostgreSQL, Apache, Golang Go, and Linux Kernel affect IBM Spectrum Copy Data Management	10 Dec 202123:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in the Kernel	7 Dec 202322:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in the Kernel	7 Dec 202322:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	2 Feb 202105:06	–	ibm
Tenable Nessus	Amazon Linux 2 : kernel (ALAS-2020-1495)	1 Oct 202000:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-016)	2 May 202200:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2020-1437)	28 Oct 202000:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel (ALSA-2021:1578)	9 Feb 202200:00	–	nessus

Vulners

Node

microsoft cm1_kernel_5.4.91-3Range<5.4.91-3

25 Sep 2020 07:00Current

8.2High risk

Vulners AI Score8.2

CVSS 22.1

CVSS 3.15.5

EPSS0.00021

linux kernel memory error local user ext3 filesystem ext4 filesystem system crash