PT-2020-6800 · Linux+5 · Linux Kernel+5

Syzbot

·

Published

2020-07-10

·

Updated

2021-11-09

·

CVE-2020-36386

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.8.1
Description An issue in the Linux kernel's net/bluetooth/hci event.c component is related to a slab out-of-bounds read in the hci extended inquiry result evt function. This issue can potentially allow an attacker to cause a denial of service.
Recommendations For Linux kernel versions prior to 5.8.1, update to version 5.8.1 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2021:4356
ALT-PU-2020-2688
ALT-PU-2020-2716
ALT-PU-2020-2770
ALT-PU-2020-3210
ALT-PU-2021-1083
ALT-PU-2021-1105
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2022-06617
CESA-2021_4140
CESA-2021_4356
CVE-2020-36386
OESA-2021-1176
OPENSUSE-SU-2021:2184-1
OPENSUSE-SU-2021:2202-1
OPENSUSE-SU-2021:2427-1
OPENSUSE-SU-2021_2184-1
OPENSUSE-SU-2021_2202-1
OPENSUSE-SU-2021_2427-1
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
SUSE-SU-2021:14764-1
SUSE-SU-2021:2184-1
SUSE-SU-2021:2202-1
SUSE-SU-2021:2303-1
SUSE-SU-2021:2321-1
SUSE-SU-2021:2324-1
SUSE-SU-2021:2325-1
SUSE-SU-2021:2349-1
SUSE-SU-2021:2406-1
SUSE-SU-2021:2421-1
SUSE-SU-2021:2422-1
SUSE-SU-2021:2426-1
SUSE-SU-2021:2427-1
SUSE-SU-2021:2451-1
SUSE-SU-2021:2643-1
SUSE-SU-2021:2644-1
SUSE-SU-2021:2647-1
SUSE-SU-2021_14764-1

Affected Products

Alt Linux
Almalinux
Centos
Linux Kernel
Red Hat
Suse