Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-9391

Опубликовано: 25 фев. 2020
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.5.6 (включая)
cpe:2.3:o:linux:linux_kernel:5.4:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

EPSS

Процентиль: 38%
0.00161
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2020-9391

CVSS3: 5.5
ubuntu
больше 5 лет назад

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.

redhat логотип

CVE-2020-9391

CVSS3: 5.5
redhat
больше 5 лет назад

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.

debian логотип

CVE-2020-9391

CVSS3: 5.5
debian
больше 5 лет назад

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 ...

github логотип

GHSA-gpf5-7vrh-q24p

CVSS3: 5.5
github
около 3 лет назад

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.

fstec логотип

BDU:2020-01076

CVSS3: 5.5
fstec
больше 5 лет назад

Уязвимость архитектуры AArch64 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 38%
0.00161
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-787