Lucene search

[email protected]NVD:CVE-2020-10732

HistoryJun 12, 2020 - 2:15 p.m.

CVE-2020-10732

2020-06-1214:15:11

CWE-908

[email protected]

web.nvd.nist.gov

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

0.001 Low

EPSS

Percentile

19.7%

JSON

A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

Affected configurations

NVD

Node

linuxlinux_kernelRange<3.16.85

linuxlinux_kernelRange4.4–4.4.226

linuxlinux_kernelRange4.9–4.9.226

linuxlinux_kernelRange4.14–4.14.183

linuxlinux_kernelRange4.19–4.19.126

linuxlinux_kernelRange5.4–5.4.44

linuxlinux_kernelRange5.6–5.6.16

Node

opensuseleapMatch15.1

opensuseleapMatch15.2

Node

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04esm

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch20.04lts

Node

netappactive_iq_unified_managerRange9.5≥vmware_vsphere

netapphci_management_nodeMatch-

netappsolidfireMatch-

netappsteelstore_cloud_integrated_storageMatch-

Node

netappaff_a700Match-

AND

netappaff_a700_firmwareMatch-

Node

netapph410cMatch-

AND

netapph410c_firmwareMatch-

Node

netapph300sMatch-

AND

netapph300s_firmwareMatch-

Node

netapph500sMatch-

AND

netapph500s_firmwareMatch-

Node

netapph700sMatch-

AND

netapph700s_firmwareMatch-

Node

netapph300eMatch-

AND

netapph300e_firmwareMatch-

Node

netapph500e_firmwareMatch-

AND

netapph500eMatch-

Node

netapph700e_firmwareMatch-

AND

netapph700eMatch-

Node

netapph410s_firmwareMatch-

AND

netapph410sMatch-

Node

netappaff_8300_firmwareMatch-

AND

netappaff_8300Match-

Node

netappaff_8700_firmwareMatch-

AND

netappaff_8700Match-

Node

netappaff_a400_firmwareMatch-

AND

netappaff_a400Match-

References

lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732

git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=aca969cacf07f41070d788ce2b8ca71f09d5207d

github.com/google/kmsan/issues/76

github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a

lore.kernel.org/lkml/CAG_fn=VZZ7yUxtOGzuTLkr7wmfXWtKK9BHHYawj=rt9XWnCYvg%40mail.gmail.com/

security.netapp.com/advisory/ntap-20210129-0005/

twitter.com/grsecurity/status/1252558055629299712

usn.ubuntu.com/4411-1/

usn.ubuntu.com/4427-1/

usn.ubuntu.com/4439-1/

usn.ubuntu.com/4440-1/

usn.ubuntu.com/4485-1/

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

0.001 Low

EPSS

Percentile

19.7%

JSON

Related for NVD:CVE-2020-10732

osv5 prion1 redhatcve1 cvelist1 veracode1 cve1 debiancve1 ubuntucve1 nessus57 photon3 ibm8 virtuozzo1 openvas32 ubuntu5 oraclelinux6 amazon3 debian5 mageia1 suse3 slackware1 threatpost1 almalinux1 redhat6 centos1