CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
14.2%
In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
netapp | cloud_backup | - | cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* |
netapp | solidfire | - | cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* |
netapp | steelstore_cloud_integrated_storage | - | cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* |
netapp | fas_8300 | - | cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:* |
netapp | fas_8700 | - | cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:* |
netapp | fas_a400 | - | cpe:2.3:h:netapp:fas_a400:-:*:*:*:*:*:*:* |
netapp | fas_baseboard_management_controller_a220 | - | cpe:2.3:h:netapp:fas_baseboard_management_controller_a220:-:*:*:*:*:*:*:* |
netapp | fas_baseboard_management_controller_a320 | - | cpe:2.3:h:netapp:fas_baseboard_management_controller_a320:-:*:*:*:*:*:*:* |
netapp | fas_baseboard_management_controller_a800 | - | cpe:2.3:h:netapp:fas_baseboard_management_controller_a800:-:*:*:*:*:*:*:* |
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.12
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb222aed03d798fc074be55e59d9a112338ee784
github.com/torvalds/linux/commit/cb222aed03d798fc074be55e59d9a112338ee784
lists.debian.org/debian-lts-announce/2020/06/msg00011.html
lists.debian.org/debian-lts-announce/2020/06/msg00013.html
security.netapp.com/advisory/ntap-20200430-0004/
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
14.2%