Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-20008
HistoryMay 10, 2022 - 12:00 a.m.

CVE-2022-20008

2022-05-1000:00:00
ubuntu.com
ubuntu.com
22

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

13.4%

In mmc_blk_read_single of block.c, there is a possible way to read kernel
heap memory due to uninitialized data. This could lead to local information
disclosure if reading from an SD card that triggers errors, with no
additional execution privileges needed. User interaction is not needed for
exploitation.Product: AndroidVersions: Android kernelAndroid ID:
A-216481035References: Upstream kernel

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-110.124UNKNOWN
ubuntu21.10noarchlinux< 5.13.0-41.46UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1073.78UNKNOWN
ubuntu21.10noarchlinux-aws< 5.13.0-1023.25UNKNOWN
ubuntu20.04noarchlinux-aws-5.13< 5.13.0-1023.25~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1075.80~18.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1078.81UNKNOWN
ubuntu21.10noarchlinux-azure< 5.13.0-1023.27UNKNOWN
ubuntu20.04noarchlinux-azure-5.13< 5.13.0-1023.27~20.04.1UNKNOWN
ubuntu18.04noarchlinux-azure-5.4< 5.4.0-1078.81~18.04.1UNKNOWN
Rows per page:
1-10 of 361

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

13.4%