Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-27170

Опубликовано: 20 мар. 2021
Источник: nvd
CVSS3: 4.7
CVSS2: 1.9
EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 5.11.8 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
Конфигурация 4
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 15%
0.00048
Низкий

4.7 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-203

Связанные уязвимости

ubuntu логотип

CVE-2020-27170

CVSS3: 4.7
ubuntu
около 4 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.

redhat логотип

CVE-2020-27170

CVSS3: 4.7
redhat
больше 4 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.

msrc логотип

CVE-2020-27170

CVSS3: 4.7
msrc
около 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-27170

CVSS3: 4.7
debian
около 4 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...

github логотип

GHSA-x6wj-2wrr-74p6

CVSS3: 4.7
github
около 3 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.

EPSS

Процентиль: 15%
0.00048
Низкий

4.7 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-203