Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2020-10690
HistoryMay 08, 2020 - 12:00 a.m.

CVE-2020-10690

2020-05-0800:00:00
ubuntu.com
ubuntu.com
20

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

13.3%

JSON

There is a use-after-free in kernel versions before 5.5 due to a race
condition between the release of ptp_clock and cdev while resource
deallocation. When a (high privileged) process allocates a ptp device file
(like /dev/ptpX) and voluntarily goes to sleep. During this time if the
underlying device is removed, it can cause an exploitable condition as the
process wakes up to terminate and clean all attached files. The system
crashes due to the cdev structure being invalid (as already freed) which is
pointed to by the inode.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-88.88UNKNOWN
ubuntu19.10noarchlinux< 5.3.0-40.32UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-185.215UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1060.62UNKNOWN
ubuntu19.10noarchlinux-aws< 5.3.0-1011.12UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1074.78) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1110.121UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1060.62~16.04.1UNKNOWN
ubuntu19.10noarchlinux-azure< 5.3.0-1013.14UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1071.76UNKNOWN
Rows per page:
1-10 of 341

Related

debiancve 1
f5 1
cve 1
cbl_mariner 1
redhatcve 1
prion 1
osv 2
nessus 32
photon 6
openvas 17
ubuntu 1
ibm 5
oraclelinux 3
slackware 1
suse 1
redhat 4
debian 2
centos 1
debiancve
debiancve
CVE-2020-10690
2020-05-08 15:15:00
f5
f5
K25370250 : Linux kernel vulnerability CVE-2020-10690
2022-06-02 00:00:00
cve
cve
CVE-2020-10690
2020-05-08 15:15:00
cbl_mariner
cbl_mariner
CVE-2020-10690 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
redhatcve
redhatcve
CVE-2020-10690
2020-04-21 09:33:47
prion
prion
Race condition
2020-05-08 15:15:00
osv
osv
CVE-2020-10690
2020-05-08 15:15:11
linux - security update
2020-06-09 00:00:00
nessus
nessus
Photon OS 1.0: Linux PHSA-2020-1.0-0297
2020-06-10 00:00:00
Photon OS 2.0: Linux PHSA-2020-2.0-0246
2020-06-11 00:00:00
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4419-1)
2020-07-09 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0297
2020-05-29 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0246
2020-05-29 00:00:00
Moderate Photon OS Security Update - PHSA-2020-0297
2020-05-22 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:14393-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-4419-1)
2020-07-09 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2514)
2020-12-15 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-07-06 00:00:00
ibm
ibm
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
2022-05-25 23:01:32
Security Bulletin: Vulnerabilities in Linux Kernel and Java affect IBM Spectrum Protect Plus
2021-03-03 21:46:54
Security Bulletin: IBM Security Guardium is affected by kernel vulnerabilities
2021-04-13 16:24:15
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2022-11-01 00:00:00
Unbreakable Enterprise kernel security update
2020-07-10 00:00:00
kernel security, bug fix, and enhancement update
2020-10-06 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-06-11 21:36:19
suse
suse
Security update for the Linux Kernel (important)
2020-06-13 00:00:00
redhat
redhat
(RHSA-2020:1769) Important: kernel security, bug fix, and enhancement update
2020-04-28 09:13:52
(RHSA-2020:1567) Important: kernel-rt security, bug fix, and enhancement update
2020-04-28 08:51:22
(RHSA-2020:4062) Important: kernel-rt security and bug fix update
2020-09-29 18:41:41
debian
debian
[SECURITY] [DLA 2241-1] linux security update
2020-06-09 21:29:32
[SECURITY] [DLA 2241-2] linux security update
2020-06-10 10:55:44
centos
centos
bpftool, kernel, perf, python security update
2020-10-20 18:20:15

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

13.3%

JSON
Related for UB:CVE-2020-10690
debiancve1f51cve1cbl_mariner1redhatcve1prion1osv2nessus32photon6openvas17ubuntu1ibm5oraclelinux3slackware1suse1redhat4debian2centos1