exploitDog

CVE-2020-29368

Опубликовано: 28 нояб. 2020

Источник: nvd

CVSS3: 7

CVSS2: 6.9

EPSS Низкий

Описание

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

Ссылки

https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
Exploit
Issue Tracking
Patch
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20210108-0002/
Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
Exploit
Issue Tracking
Patch
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20210108-0002/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.5.5 (включая) до 4.9.228 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.14.185 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.129 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.48 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.7.5 (исключая)

Конфигурация 2

Одно из

cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00029

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2020-29368

CVSS3: 7

ubuntu

больше 4 лет назад

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

CVE-2020-29368

CVSS3: 7

redhat

около 5 лет назад

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

CVE-2020-29368

CVSS3: 7

msrc

больше 4 лет назад

Описание отсутствует

CVE-2020-29368

CVSS3: 7

debian

больше 4 лет назад

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the ...

SUSE-SU-2021:0864-1

suse-cvrf

больше 4 лет назад

Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1)

EPSS

Процентиль: 7%

0.00029

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362