Уязвимость CVE-2022-20008

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	5.16.11-1		package
linux	fixed	5.10.103-1	bullseye	package
linux	fixed	4.19.232-1	buster	package
linux	not-affected		stretch	package

CVE-2022-20008

CVSS3: 4.6

ubuntu

больше 3 лет назад

In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel

CVE-2022-20008

CVSS3: 4.6

nvd

больше 3 лет назад

In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel

GHSA-83pw-hvj9-wh3j

CVSS3: 4.6

github

больше 3 лет назад

In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel

BDU:2022-05891

CVSS3: 4.6

fstec

около 4 лет назад

Уязвимость функции mmc_blk_read_single компонента block.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным

SUSE-SU-2022:3693-1

suse-cvrf

больше 3 лет назад

Security update for the Linux Kernel

exploitDog

CVE-2022-20008

Описание

Пакеты

Примечания

Связанные уязвимости