PT-2019-5534 · Linux+4 · Linux Kernel+4

Yihui Zeng

·

Publicado

2019-10-31

·

Atualizado

2021-10-26

·

CVE-2020-10773

CVSS v3.1

4.4

Média

VetorAV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to incorrect handling of null bytes or null characters in data exchange within the s390/s390x component of the Linux kernel's memory manager. This can lead to the disclosure of protected information. A local user can exploit this flaw to access kernel data, potentially revealing sensitive information. The flaw is also associated with incorrect writing to the /proc/sys/vm/cmm timeout file.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-626

Identificadores relacionados

ALSA-2020:4431
BDU:2020-03831
CESA-2020_4431
CVE-2020-10773
OPENSUSE-SU-2020:0935-1
OPENSUSE-SU-2020:1153-1
OPENSUSE-SU-2020_0935-1
OPENSUSE-SU-2020_1153-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
RHSA-2020:4431
RHSA-2020_4431
SUSE-SU-2020:14442-1
SUSE-SU-2020:2027-1
SUSE-SU-2020:2103-1
SUSE-SU-2020:2105-1
SUSE-SU-2020:2106-1
SUSE-SU-2020:2107-1
SUSE-SU-2020:2119-1
SUSE-SU-2020:2121-1
SUSE-SU-2020:2122-1
SUSE-SU-2020:2134-1
SUSE-SU-2020:2152-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1

Produtos afetados

Almalinux
Centos
Linux Kernel
Red Hat
Suse