PT-2020-6010 · Linux+1 · Linux Kernel+1

Andy Lutomirski

Published

2020-07-20

Updated

2022-12-03

CVE-2020-15852

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.5 through 5.7.9

Description The issue is related to the tss invalidate io bitmap function in the Linux kernel, which is associated with incorrect default permission settings. An attacker may exploit this to gain elevated privileges, potentially allowing them to obtain the I/O port permissions of an unrelated task. This occurs due to mishandling of tss invalidate io bitmap, causing a loss of synchronization between the I/O bitmaps of TSS and Xen.

Recommendations For Linux kernel versions 5.5 through 5.7.9, consider updating to a version that includes a fix for the tss invalidate io bitmap function mishandling issue. As a temporary workaround, restrict access to the tss invalidate io bitmap function to minimize the risk of exploitation.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

ALT-PU-2020-2448

ALT-PU-2020-2494

ALT-PU-2020-2510

ALT-PU-2020-2687

ALT-PU-2020-2716

ALT-PU-2021-1105

BDU:2021-02589

CVE-2020-15852

MGASA-2020-0333

Affected Products

Alt Linux

Linux Kernel

PT-2020-6010 · Linux+1 · Linux Kernel+1

CVE-2020-15852

Weakness Enumeration

Related Identifiers

Affected Products

References · 51