CVE-2020-25668
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/05/2021
Last modified:
07/11/2023
Description
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
Impact
Base Score 3.x
7.00
Severity 3.x
HIGH
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.4.242 (excluding) | |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.5 (including) | 4.9.242 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10 (including) | 4.14.204 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.155 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.75 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.9.5 (excluding) |
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* | ||
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.openwall.com/lists/oss-security/2020/10/30/1
- http://www.openwall.com/lists/oss-security/2020/11/04/3
- https://bugzilla.redhat.com/show_bug.cgi?id=1893287%2C
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=90bfdeef83f1d6c696039b6a917190dcbbad3220
- https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
- https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
- https://security.netapp.com/advisory/ntap-20210702-0005/
- https://www.openwall.com/lists/oss-security/2020/10/30/1%2C
- https://www.openwall.com/lists/oss-security/2020/11/04/3%2C