CVE-2020-8835

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 02-04-2020 08:15

Last modified: - 26-04-2022 07:05

Total changes: - 4

Description

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

vendor=linux AND product=linux_kernel AND versionStartIncluding=5.4.7 AND versionEndExcluding=5.4.29

vendor=linux AND product=linux_kernel AND versionStartIncluding=5.5.0 AND versionEndExcluding=5.5.14

vendor=fedoraproject AND product=fedora AND version=30

vendor=fedoraproject AND product=fedora AND version=31

vendor=fedoraproject AND product=fedora AND version=32

vendor=canonical AND product=ubuntu_linux AND version=18.04 AND software_edition=lts

vendor=canonical AND product=ubuntu_linux AND version=19.10

vendor=netapp AND product=cloud_backup AND version=-

vendor=netapp AND product=hci_management_node AND version=-

vendor=netapp AND product=solidfire AND version=-

vendor=netapp AND product=steelstore_cloud_integrated_storage AND version=-

AND

vendor=netapp AND product=a700s_firmware AND version=-

vendor=netapp AND product=a700s AND version=-

AND

vendor=netapp AND product=8300_firmware AND version=-

vendor=netapp AND product=8300 AND version=-

AND

vendor=netapp AND product=8700_firmware AND version=-

vendor=netapp AND product=8700 AND version=-

AND

vendor=netapp AND product=a400_firmware AND version=-

vendor=netapp AND product=a400 AND version=-

AND

vendor=netapp AND product=a320_firmware AND version=-

vendor=netapp AND product=a320 AND version=-

AND

vendor=netapp AND product=c190_firmware AND version=-

vendor=netapp AND product=c190 AND version=-

AND

vendor=netapp AND product=a220_firmware AND version=-

vendor=netapp AND product=a220 AND version=-

AND

vendor=netapp AND product=fas2720_firmware AND version=-

vendor=netapp AND product=fas2720 AND version=-

AND

vendor=netapp AND product=fas2750_firmware AND version=-

vendor=netapp AND product=fas2750 AND version=-

AND

vendor=netapp AND product=a800_firmware AND version=-

vendor=netapp AND product=a800 AND version=-

AND

vendor=netapp AND product=h300s_firmware AND version=-

vendor=netapp AND product=h300s AND version=-

AND

vendor=netapp AND product=h500s_firmware AND version=-

vendor=netapp AND product=h500s AND version=-

AND

vendor=netapp AND product=h700s_firmware AND version=-

vendor=netapp AND product=h700s AND version=-

AND

vendor=netapp AND product=h300e_firmware AND version=-

vendor=netapp AND product=h300e AND version=-

AND

vendor=netapp AND product=h500e_firmware AND version=-

vendor=netapp AND product=h500e AND version=-

AND

vendor=netapp AND product=h700e_firmware AND version=-

vendor=netapp AND product=h700e AND version=-

AND

vendor=netapp AND product=h410s_firmware AND version=-

vendor=netapp AND product=h410s AND version=-

AND

vendor=netapp AND product=h610c_firmware AND version=-

vendor=netapp AND product=h610c AND version=-

AND

vendor=netapp AND product=h610s_firmware AND version=-

vendor=netapp AND product=h610s AND version=-

AND

vendor=netapp AND product=h615c_firmware AND version=-

vendor=netapp AND product=h615c AND version=-

Reference

N/A-Mailing List, Patch, Third Party Advisory
N/A-Patch, Vendor Advisory
N/A-Third Party Advisory
N/A-Patch, Vendor Advisory
N/A-Third Party Advisory
N/A-Patch, Vendor Advisory
USN-4313-1-Third Party Advisory
FEDORA-2020-4ef0bcc89c-Mailing List, Third Party Advisory
FEDORA-2020-666f3b1ac3-Mailing List, Third Party Advisory
FEDORA-2020-73c00eda1c-Mailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20200430-0004/
[oss-security] 20210720 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer-Exploit, Mailing List, Third Party Advisory

Keywords

CVE-2020-8835

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2020-8835

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures