PT-2020-14626 · Linux+6 · Linux Kernel+6

Jason A. Donenfeld · Published 2020-06-15 · Updated 2022-04-27 · CVE-2020-15780

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.7.7

Description

An issue was discovered in the Linux kernel, specifically in drivers/acpi/acpi_configfs.c, where injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions.

Recommendations

For Linux kernel versions prior to 5.7.7, update to version 5.7.7 or later to resolve the issue. As a temporary workaround, consider restricting access to configfs to minimize the risk of exploitation. Avoid loading untrusted ACPI tables via configfs until the issue is resolved.

Fix

Weakness Enumeration

Missing Authorization

Related Identifiers

ALT-PU-2020-2264
ALT-PU-2020-2316
ALT-PU-2020-2362
ALT-PU-2020-2409
ALT-PU-2020-2432
ALT-PU-2020-2687
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
CESA-2020_3218
CESA-2020_3219
CVE-2020-15780
MGASA-2020-0333
OPENSUSE-SU-2020:1153-1
OPENSUSE-SU-2020:1236-1
OPENSUSE-SU-2020_1153-1
OPENSUSE-SU-2020_1236-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
RHSA-2020:3218
RHSA-2020:3219
RHSA-2020:3222
RHSA-2020:3228
RHSA-2020_3218
RHSA-2020_3219
SUSE-SU-2020:2027-1
SUSE-SU-2020:2103-1
SUSE-SU-2020:2105-1
SUSE-SU-2020:2106-1
SUSE-SU-2020:2107-1
SUSE-SU-2020:2119-1
SUSE-SU-2020:2121-1
SUSE-SU-2020:2122-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020:2505-1
SUSE-SU-2020:2506-1
SUSE-SU-2020:2507-1
SUSE-SU-2020:2508-1
SUSE-SU-2020:2509-1
SUSE-SU-2020:2513-1
SUSE-SU-2020:2515-1
SUSE-SU-2020:2517-1
SUSE-SU-2020:2524-1
SUSE-SU-2020:2526-1
SUSE-SU-2020:2531-1
USN-4425-1
USN-4426-1
USN-4439-1
USN-4440-1

Affected Products

Alt Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
SUSE
Ubuntu