Lucene search

K

PRIOn knowledge basePRION:CVE-2020-12867

HistoryJun 01, 2020 - 2:15 p.m.

Null pointer dereference

2020-06-0114:15:00

PRIOn knowledge base

www.prio-n.com

3

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

29.1%

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.

CPENameOperatorVersion
ubuntu_linuxeq18.04
ubuntu_linuxeq20.04
ubuntu_linuxeq16.04
debian_linuxeq9.0
fedoraeq32
leapeq15.1
leapeq15.2
sane_backendslt1.0.30

References

lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html

lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html

alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html

gitlab.com/sane-project/backends/-/issues/279

lists.debian.org/debian-lts-announce/2020/08/msg00029.html

lists.debian.org/debian-lts-announce/2020/10/msg00010.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWUVCHURVGGYBEUOBA4PLSNXJVBKHJYJ/

securitylab.github.com/advisories/GHSL-2020-075-libsane

usn.ubuntu.com/4470-1/

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

29.1%

Related for PRION:CVE-2020-12867

nessus20 debian3 openvas14 veracode1 osv4 ubuntucve1 rocky1 redhatcve1 fedora1 redhat1 oraclelinux1 debiancve1 almalinux1 cve1 alpinelinux1 suse2 freebsd1 mageia1 slackware1 ubuntu1