8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
54.7%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757)
kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)
kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837427)
Fix dpdk regression introduced by bz1837297 (BZ#1852775)
Possible race condition updating the cfg structure in __assign_irq_vector. (BZ#1854552)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | perf | < 3.10.0-957.58.2.el7 | perf-3.10.0-957.58.2.el7.x86_64.rpm |
RedHat | 7 | x86_64 | bpftool | < 3.10.0-957.58.2.el7 | bpftool-3.10.0-957.58.2.el7.x86_64.rpm |
RedHat | 7 | ppc64 | perf | < 3.10.0-957.58.2.el7 | perf-3.10.0-957.58.2.el7.ppc64.rpm |
RedHat | 7 | x86_64 | kernel-tools-libs-devel | < 3.10.0-957.58.2.el7 | kernel-tools-libs-devel-3.10.0-957.58.2.el7.x86_64.rpm |
RedHat | 7 | x86_64 | kernel-headers | < 3.10.0-957.58.2.el7 | kernel-headers-3.10.0-957.58.2.el7.x86_64.rpm |
RedHat | 7 | s390x | kernel-kdump | < 3.10.0-957.58.2.el7 | kernel-kdump-3.10.0-957.58.2.el7.s390x.rpm |
RedHat | 7 | x86_64 | kernel-debug-devel | < 3.10.0-957.58.2.el7 | kernel-debug-devel-3.10.0-957.58.2.el7.x86_64.rpm |
RedHat | 7 | ppc64 | perf-debuginfo | < 3.10.0-957.58.2.el7 | perf-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm |
RedHat | 7 | s390x | kernel-headers | < 3.10.0-957.58.2.el7 | kernel-headers-3.10.0-957.58.2.el7.s390x.rpm |
RedHat | 7 | ppc64 | kernel-debug-devel | < 3.10.0-957.58.2.el7 | kernel-debug-devel-3.10.0-957.58.2.el7.ppc64.rpm |
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
54.7%