PT-2019-5798 · Linux+5 · Linux Kernel+5

Jason A. Donenfeld

Publicado

2019-08-19

Atualizado

2021-07-21

CVE-2019-20908

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.4

Description An issue in the Linux kernel's drivers/firmware/efi/efi.c allows attackers to bypass lockdown or secure boot restrictions due to incorrect access permissions for the efivar ssdt ACPI variable. This could be exploited to circumvent security features.

Recommendations For Linux kernel versions prior to 5.4, update to version 5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the efivar ssdt ACPI variable to minimize the risk of exploitation.

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

ALT-PU-2019-3291

ALT-PU-2019-3343

ALT-PU-2019-3369

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2021-02590

CESA-2020_3218

CESA-2020_3219

CVE-2019-20908

OPENSUSE-SU-2020:1153-1

OPENSUSE-SU-2020_1153-1

RHSA-2020:3218

RHSA-2020:3219

RHSA-2020:3222

RHSA-2020:3228

RHSA-2020_3218

RHSA-2020_3219

SUSE-SU-2020:2103-1

SUSE-SU-2020:2106-1

SUSE-SU-2020:2107-1

SUSE-SU-2020:2119-1

SUSE-SU-2020:2121-1

SUSE-SU-2020:2122-1

SUSE-SU-2020:2478-1

SUSE-SU-2020:2487-1

USN-4426-1

USN-4427-1

USN-4439-1

USN-4440-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2019-5798 · Linux+5 · Linux Kernel+5

CVE-2019-20908

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 416