Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-15852

Опубликовано: 20 июл. 2020
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.7.9 (включая)
Конфигурация 2
cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*
Версия до 4.13.1 (включая)
Конфигурация 3

Одно из

cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.0016
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-276

Связанные уязвимости

ubuntu логотип

CVE-2020-15852

CVSS3: 7.8
ubuntu
больше 5 лет назад

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

redhat логотип

CVE-2020-15852

CVSS3: 7
redhat
больше 5 лет назад

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

debian логотип

CVE-2020-15852

CVSS3: 7.8
debian
больше 5 лет назад

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used ...

github логотип

GHSA-c6v6-mvg4-h5hx

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

fstec логотип

BDU:2021-02589

CVSS3: 7.8
fstec
больше 5 лет назад

Уязвимость функции tss_invalidate_io_bitmap ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 37%
0.0016
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-276