PT-2019-5823 · Linux+4 · Linux Kernel+4

Syzbot

·

Publicado

2019-05-30

·

Atualizado

2021-05-28

·

CVE-2020-10720

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.2
Description A flaw was found in the Linux kernel's implementation of Generic Receive Offload (GRO). This issue is related to the use of memory after it has been freed, which can be exploited to cause a denial of service, allowing an attacker with local access to crash the system.
Recommendations For Linux kernel versions prior to 5.2, update to version 5.2 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2019-2321
ALT-PU-2019-2339
ALT-PU-2019-2488
ALT-PU-2019-2746
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2021-03187
CESA-2019_3309
CESA-2019_3517
CVE-2020-10720
OPENSUSE-SU-2020:0801-1
OPENSUSE-SU-2020_0801-1
RHSA-2019:3309
RHSA-2019:3517
RHSA-2019_3309
RHSA-2019_3517
RHSA-2020:2854
SUSE-SU-2020:1255-1
SUSE-SU-2020:1275-1
SUSE-SU-2020:1587-1
SUSE-SU-2020:1599-1
SUSE-SU-2020:1602-1
SUSE-SU-2020:1603-1
SUSE-SU-2020:1604-1
SUSE-SU-2020:1605-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020_1587-1
SUSE-SU-2020_1599-1
SUSE-SU-2020_1602-1
SUSE-SU-2020_1603-1
SUSE-SU-2020_1604-1
SUSE-SU-2020_1605-1
SUSE-SU-2020_1663-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse