Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-0427

Опубликовано: 17 сент. 2020
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*

EPSS

Процентиль: 39%
0.00166
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2020-0427

CVSS3: 5.5
ubuntu
почти 5 лет назад

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171

redhat логотип

CVE-2020-0427

CVSS3: 5.5
redhat
больше 4 лет назад

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171

debian логотип

CVE-2020-0427

CVSS3: 5.5
debian
почти 5 лет назад

In create_pinctrl of core.c, there is a possible out of bounds read du ...

github логотип

GHSA-cmm7-9576-wh39

CVSS3: 5.5
github
около 3 лет назад

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171

fstec логотип

BDU:2020-05785

CVSS3: 5.5
fstec
больше 5 лет назад

Уязвимость функции create_pinctrl контроллера контактов ввода-вывода операционной системы Android, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 39%
0.00166
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125