Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-27171

Опубликовано: 20 мар. 2021
Источник: nvd
CVSS3: 6
CVSS2: 3.6
EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 5.11.8 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 38%
0.00162
Низкий

6 Medium

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-193

Связанные уязвимости

ubuntu логотип

CVE-2020-27171

CVSS3: 6
ubuntu
больше 4 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.

redhat логотип

CVE-2020-27171

CVSS3: 6
redhat
больше 4 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.

msrc логотип

CVE-2020-27171

CVSS3: 6
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-27171

CVSS3: 6
debian
больше 4 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...

github логотип

GHSA-c389-x6qf-wxv2

CVSS3: 6
github
около 3 лет назад

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.

EPSS

Процентиль: 38%
0.00162
Низкий

6 Medium

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-193