PT-2020-2430 · Linux+4 · Linux Kernel+4

Published

2020-05-08

·

Updated

2022-04-26

·

CVE-2020-12771

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.6.11
Description An issue in the Linux kernel exists due to insufficient input validation in the btree gc coalesce function, located in drivers/md/bcache/btree.c. This can lead to a deadlock if a coalescing operation fails, potentially allowing an attacker to cause a denial of service.
Recommendations For Linux kernel versions prior to 5.6.11, consider applying configuration changes to minimize the risk of exploitation, such as restricting access to the btree gc coalesce function in drivers/md/bcache/btree.c until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-20

Related Identifiers

ALT-PU-2020-1944
ALT-PU-2020-1950
ALT-PU-2020-2153
ALT-PU-2020-2155
ALT-PU-2020-2158
ALT-PU-2020-2164
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2020-02432
CVE-2020-12771
DLA-2323-1
DLA-2420-1
DLA-2420-2
OPENSUSE-SU-2020:1062-1
OPENSUSE-SU-2020:1153-1
OPENSUSE-SU-2020_1062-1
OPENSUSE-SU-2020_1153-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
SUSE-SU-2020:2027-1
SUSE-SU-2020:2103-1
SUSE-SU-2020:2105-1
SUSE-SU-2020:2106-1
SUSE-SU-2020:2107-1
SUSE-SU-2020:2119-1
SUSE-SU-2020:2121-1
SUSE-SU-2020:2122-1
SUSE-SU-2020:2134-1
SUSE-SU-2020:2152-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
USN-4462-1
USN-4463-1
USN-4465-1
USN-4483-1
USN-4485-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Suse
Ubuntu