Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-25639

Опубликовано: 28 авг. 2020
Источник: redhat
CVSS3: 4.4

Описание

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

A NULL pointer dereference flaw was found in the Linux kernel’s GPU Nouveau driver functionality in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

Отчет

This flaw is rated as having a Low impact because the issue can only be triggered by an authorized local user in the render group.

Меры по смягчению последствий

To mitigate this issue, prevent the module nouveau from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1876995kernel: NULL pointer dereference via nouveau ioctl can lead to DoS

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-25639

CVSS3: 4.4
ubuntu
больше 4 лет назад

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

nvd логотип

CVE-2020-25639

CVSS3: 4.4
nvd
больше 4 лет назад

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

msrc логотип

CVE-2020-25639

CVSS3: 4.4
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-25639

CVSS3: 4.4
debian
больше 4 лет назад

A NULL pointer dereference flaw was found in the Linux kernel's GPU No ...

github логотип

GHSA-9h9r-mqj8-gh3f

github
около 3 лет назад

A NULL pointer dereference flaw was found in the Linux kernel’s GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

4.4 Medium

CVSS3