Lucene search

H410C Firmware Security Vulnerabilities - November 2020

cve

CVE-2020-15436

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

6.7CVSS

6.9AI Score

0.0004EPSS

2020-11-23 09:15 PM

231

cve

CVE-2020-29368

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

7CVSS

6.6AI Score

0.001EPSS

2020-11-28 07:15 AM

275

cve

CVE-2020-29370

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.

7CVSS

7.5AI Score

0.001EPSS

2020-11-28 07:15 AM

182

cve

CVE-2020-29374

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-1...

3.6CVSS

4.9AI Score

0.001EPSS

2020-11-28 07:15 AM

309