CVE-2020-10732

Опубликовано: 12 июн. 2020

Источник: debian

EPSS Низкий

Описание

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	5.6.14-2		package
linux	ignored		jessie	package

Примечания

https://www.openwall.com/lists/oss-security/2020/05/06/1
https://git.kernel.org/linus/1d605416fb7175e1adf094251466caa52093b413

EPSS

Процентиль: 22%

0.0007

Низкий

Связанные уязвимости

CVE-2020-10732

CVSS3: 3.3

ubuntu

около 5 лет назад

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

CVE-2020-10732

CVSS3: 3.3

redhat

около 5 лет назад

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

CVE-2020-10732

CVSS3: 3.3

nvd

около 5 лет назад

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

GHSA-rfhv-v778-g5c3

CVSS3: 4.4

github

около 3 лет назад

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

BDU:2021-03057

CVSS3: 4.4

fstec

около 5 лет назад

Уязвимость функции fill_thread_core_info() ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию и вызвать отказ в обслуживании

EPSS

Процентиль: 22%

0.0007

Низкий