Lucene search

[email protected]NVD:CVE-2020-12888

HistoryMay 15, 2020 - 6:15 p.m.

CVE-2020-12888

2020-05-1518:15:13

CWE-755

[email protected]

web.nvd.nist.gov

4.7 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤5.6.13

Node

fedoraprojectfedoraMatch31

fedoraprojectfedoraMatch32

Node

opensuseleapMatch15.1

opensuseleapMatch15.2

Node

debiandebian_linuxMatch9.0

Node

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04esm

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch20.04lts

Node

netappactive_iq_unified_managerMatch-vmware_vsphere

netappcloud_backupMatch-

netappelement_softwareMatch-

netapphci_management_nodeMatch-

netappsolidfireMatch-

netappsteelstore_cloud_integrated_storageMatch-

Node

netappsolidfire_baseboard_management_controller_firmwareMatch-

AND

netappsolidfire_baseboard_management_controllerMatch-

Node

netappbootstrap_osMatch-

AND

netapphci_compute_nodeMatch-

Node

netappa700s_firmwareMatch-

AND

netappa700sMatch-

Node

netapph300s_firmwareMatch-

AND

netapph300sMatch-

Node

netapph500s_firmwareMatch-

AND

netapph500sMatch-

Node

netapph700s_firmwareMatch-

AND

netapph700sMatch-

Node

netapph300e_firmwareMatch-

AND

netapph300eMatch-

Node

netapph500e_firmwareMatch-

AND

netapph500eMatch-

Node

netapph700e_firmwareMatch-

AND

netapph700eMatch-

Node

netapph410s_firmwareMatch-

AND

netapph410sMatch-

Node

netapph410c_firmwareMatch-

AND

netapph410cMatch-

Node

netapph610c_firmwareMatch-

AND

netapph610cMatch-

Node

netapph610s_firmwareMatch-

AND

netapph610sMatch-

Node

netapph615c_firmwareMatch-

AND

netapph615cMatch-

References

lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html

www.openwall.com/lists/oss-security/2020/05/19/6

lists.debian.org/debian-lts-announce/2020/09/msg00025.html

lists.debian.org/debian-lts-announce/2020/10/msg00032.html

lists.debian.org/debian-lts-announce/2020/10/msg00034.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBEHRQQZTKJTPQFPY3JAO7MQ4JAFEQNW/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXGMJHWTMQI34NJZ4BHL3ZVF264AWBF2/

lore.kernel.org/kvm/158871401328.15589.17598154478222071285.stgit%40gimli.home/

lore.kernel.org/kvm/158871570274.15589.10563806532874116326.stgit%40gimli.home/

security.netapp.com/advisory/ntap-20200608-0001/

usn.ubuntu.com/4525-1/

usn.ubuntu.com/4526-1/

4.7 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

Related for NVD:CVE-2020-12888

nessus55 fedora4 openvas29 ubuntucve1 redhatcve1 prion1 debiancve1 cve1 veracode1 cbl_mariner1 cvelist1 redhat13 centos1 oraclelinux6 f51 osv5 ubuntu3 ibm2 cloudfoundry1 photon5 amazon1 suse3 debian3