Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-8648

Опубликовано: 30 янв. 2020
Источник: redhat
CVSS3: 7.1
EPSS Низкий

Описание

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system.

Отчет

The impact is moderate, because of the need of additional privileges (usually local console user).

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernel-altWill not fix
Red Hat Enterprise MRG 2kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2021:231608.06.2021
Red Hat Enterprise Linux 7kernelFixedRHSA-2021:231408.06.2021
Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)kernelFixedRHSA-2021:332031.08.2021
Red Hat Enterprise Linux 7.6 Telco Extended Update SupportkernelFixedRHSA-2021:332031.08.2021
Red Hat Enterprise Linux 7.6 Update Services for SAP SolutionskernelFixedRHSA-2021:332031.08.2021
Red Hat Enterprise Linux 7.7 Advanced Update SupportkernelFixedRHSA-2021:352214.09.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1802559kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c

EPSS

Процентиль: 7%
0.0003
Низкий

7.1 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-8648

CVSS3: 7.1
ubuntu
больше 5 лет назад

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

nvd логотип

CVE-2020-8648

CVSS3: 7.1
nvd
больше 5 лет назад

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

msrc логотип

CVE-2020-8648

CVSS3: 7.1
msrc
почти 5 лет назад

Описание отсутствует

debian логотип

CVE-2020-8648

CVSS3: 7.1
debian
больше 5 лет назад

There is a use-after-free vulnerability in the Linux kernel through 5. ...

github логотип

GHSA-9hr4-45xh-6xvh

CVSS3: 7.1
github
около 3 лет назад

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

EPSS

Процентиль: 7%
0.0003
Низкий

7.1 High

CVSS3