Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-12769

Опубликовано: 03 янв. 2020
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

A flaw was found in the Linux kernel. A kernel panic can occur when concurrent calls to dw_spi_irq and dw_spi_transfer_one are made. The highest threat from this vulnerability is to system availability.

Отчет

This issue is rated as having Low impact because of the preconditions needed to trigger the issue.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=1834821kernel: DoS via concurrent calls to dw_spi_irq and dw_spi_transfer_one functions in drivers/spi/spi-dw.c

EPSS

Процентиль: 19%
0.00061
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-12769

CVSS3: 5.5
ubuntu
больше 5 лет назад

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

nvd логотип

CVE-2020-12769

CVSS3: 5.5
nvd
больше 5 лет назад

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

debian логотип

CVE-2020-12769

CVSS3: 5.5
debian
больше 5 лет назад

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi ...

github логотип

GHSA-f25w-4h6f-frg3

CVSS3: 5.5
github
больше 3 лет назад

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

fstec логотип

BDU:2020-02429

CVSS3: 5.5
fstec
около 6 лет назад

Уязвимость компонента drivers/spi/spi-dw.c ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 19%
0.00061
Низкий

4.7 Medium

CVSS3