7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
55.8%
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly validate file system metadata in some situations.
An attacker could use this to construct a malicious btrfs image that, when
mounted, could cause a denial of service (system crash). (CVE-2019-19813,
CVE-2019-19816)
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)
Daniel Axtens discovered that PowerPC RTAS implementation in the Linux
kernel did not properly restrict memory accesses in some situations. A
privileged local attacker could use this to arbitrarily modify kernel
memory, potentially bypassing kernel lockdown restrictions.
(CVE-2020-27777)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | linux-image-4.4.0-201-generic | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | kernel-signed-image-4.4.0-201-generic-di | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | kernel-signed-image-4.4.0-201-generic-di-dbgsym | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-image-4.4.0-201-generic-dbgsym | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-image-4.4.0-201-lowlatency | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-image-4.4.0-201-lowlatency-dbgsym | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-image-4.4.0-201-generic-lpae | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | block-modules-4.4.0-201-generic-di | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | crypto-modules-4.4.0-201-generic-di | < 4.4.0-201.233 | UNKNOWN |
Ubuntu | 16.04 | noarch | fat-modules-4.4.0-201-generic-di | < 4.4.0-201.233 | UNKNOWN |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
55.8%