Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-25221

Опубликовано: 10 сент. 2020
Источник: nvd
CVSS3: 7.8
CVSS2: 7.2
EPSS Низкий

Описание

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.7.0 (включая) до 5.8.7 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

EPSS

Процентиль: 41%
0.00193
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-672

Связанные уязвимости

ubuntu логотип

CVE-2020-25221

CVSS3: 7.8
ubuntu
больше 5 лет назад

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743.

redhat логотип

CVE-2020-25221

CVSS3: 7.8
redhat
больше 5 лет назад

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743.

debian логотип

CVE-2020-25221

CVSS3: 7.8
debian
больше 5 лет назад

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5 ...

github логотип

GHSA-442r-3r9f-48cm

CVSS3: 7.8
github
больше 3 лет назад

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743.

EPSS

Процентиль: 41%
0.00193
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-672