Lucene search
UbuntuUSN-4710-1HistoryFeb 03, 2021 - 12:00 a.m.
Linux kernel vulnerability
2021-02-0300:00:00
ubuntu.com
266
linux kernel
memory deallocation
ubuntu 18.04
ubuntu 16.04
denial of service
perf subsystem
CVSS2
4.9
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
High
EPSS
0
Percentile
5.1%
Releases
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- linux - Linux kernel
- linux-hwe - Linux hardware enablement (HWE) kernel
Details
Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did
not properly deallocate memory in some situations. A privileged attacker
could use this to cause a denial of service (kernel memory exhaustion).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 18.04 | noarch | linux-image-4.15.0-135-generic | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | kernel-signed-image-4.15.0-135-generic-di | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | linux-image-4.15.0-135-generic-dbgsym | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | linux-image-4.15.0-135-lowlatency | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | linux-image-4.15.0-135-lowlatency-dbgsym | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | linux-image-4.15.0-135-generic-lpae | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | block-modules-4.15.0-135-generic-di | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | crypto-modules-4.15.0-135-generic-di | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | fat-modules-4.15.0-135-generic-di | < 4.15.0-135.139 | UNKNOWN |
| Ubuntu | 18.04 | noarch | fb-modules-4.15.0-135-generic-di | < 4.15.0-135.139 | UNKNOWN |
References
Related
cvelist
cvelist
CVE-2020-25704
2020-12-02 00:00:00
debiancve
debiancve
CVE-2020-25704
2020-12-02 01:15:12
osv
osv
CVE-2020-25704
2020-12-02 01:15:12
linux, linux-hwe vulnerability
2021-02-03 01:01:56
f5
f5
K44994972 : Linux kernel vulnerability CVE-2020-25704
2022-03-31 00:00:00
nessus
nessus
F5 Networks BIG-IP : Linux kernel vulnerability (K44994972)
2022-03-31 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2022-0080)
2022-11-15 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerability (USN-4710-1)
2021-01-28 00:00:00
nvd
nvd
CVE-2020-25704
2020-12-02 01:15:12
cbl_mariner
cbl_mariner
CVE-2020-25704 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
ubuntucve
ubuntucve
CVE-2020-25704
2020-12-02 00:00:00
cve
cve
CVE-2020-25704
2020-12-02 01:15:12
veracode
veracode
Denial Of Service (DoS)
2021-01-07 19:22:49
redhatcve
redhatcve
CVE-2020-25704
2020-11-09 14:59:39
openvas
openvas
Ubuntu: Security Advisory (USN-4710-1)
2021-01-29 00:00:00
Ubuntu: Security Advisory (USN-4711-1)
2021-01-29 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2498)
2020-12-01 00:00:00
prion
prion
Memory corruption
2020-12-02 01:15:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2021-02-05 00:00:00
Linux kernel vulnerabilities
2021-01-06 00:00:00
Linux kernel vulnerabilities
2021-02-25 00:00:00
archlinux
archlinux
[ASA-202011-10] linux-hardened: multiple issues
2020-11-10 00:00:00
redhat
redhat
(RHSA-2022:0063) Moderate: kernel security and bug fix update
2022-01-11 09:02:34
(RHSA-2022:0065) Moderate: kernel-rt security and bug fix update
2022-01-11 09:03:22
oraclelinux
oraclelinux
kernel security and bug fix update
2022-01-11 00:00:00
Unbreakable Enterprise kernel security update
2020-12-14 00:00:00
Unbreakable Enterprise kernel security update
2020-12-15 00:00:00
ibm
ibm
centos
centos
bpftool, kernel, perf, python security update
2022-01-18 13:57:43
fedora
fedora
[SECURITY] Fedora 33 Update: kernel-5.9.8-200.fc33
2020-11-16 01:09:27
[SECURITY] Fedora 32 Update: kernel-5.9.8-100.fc32
2020-11-16 01:13:01
suse
suse
Security update for the Linux Kernel (important)
2020-11-26 00:00:00
Security update for the Linux Kernel (important)
2020-11-13 00:00:00
Security update for the Linux Kernel (important)
2020-12-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2020-0163
2020-11-19 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0295
2020-11-12 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0163
2020-11-19 00:00:00
amazon
amazon
Medium: kernel
2020-12-16 20:31:00
Important: kernel
2020-12-08 20:55:00
Medium: kernel
2021-01-12 22:51:00
debian
debian
[SECURITY] [DLA 2494-1] linux security update
2020-12-18 12:14:03
[SECURITY] [DLA 2483-1] linux-4.19 security update
2020-12-10 11:11:34
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2021-05-18 05:33:57
mageia
mageia
Updated kernel packages fix security vulnerabilities
2021-01-15 15:31:01
Updated kernel-linus packages fix security vulnerabilities
2021-01-15 15:31:01
CVSS2
4.9
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
High
EPSS
0
Percentile
5.1%
Related for USN-4710-1