PT-2020-5874 · Linux+6 · Linux Kernel+6

Published

2020-09-11

·

Updated

2024-05-30

·

CVE-2020-36312

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.8.10
Description: An issue in the Linux kernel is related to a memory leak in the kvm io bus unregister dev function, located in virt/kvm/kvm main.c, which occurs upon a kmalloc failure. This issue can be exploited to cause a denial of service.
Recommendations: For Linux kernel versions prior to 5.8.10, update to version 5.8.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the kvm io bus unregister dev function to minimize the risk of exploitation.

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2021:4356
ALT-PU-2020-2864
ALT-PU-2020-2888
ALT-PU-2020-3210
ALT-PU-2020-3553
ALT-PU-2021-1083
ALT-PU-2021-1105
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2021-01953
CESA-2021_4140
CESA-2021_4356
CVE-2020-36312
OESA-2021-1176
OPENSUSE-SU-2021:0579-1
OPENSUSE-SU-2021:0758-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0579-1
OPENSUSE-SU-2021_0758-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
SUSE-SU-2021:1211-1
SUSE-SU-2021:1238-1
SUSE-SU-2021:1301-1
SUSE-SU-2021:1572-1
SUSE-SU-2021:1573-1
SUSE-SU-2021:1595-1
SUSE-SU-2021:1596-1
SUSE-SU-2021:1605-1
SUSE-SU-2021:1617-1
SUSE-SU-2021:1623-1
SUSE-SU-2021:1624-1
SUSE-SU-2021:1625-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1870-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Suse