PT-2021-11783 · Linux+4 · Linux Kernel+4

Dhananjay Arunesh

Published

2021-03-18

Updated

2024-02-15

CVE-2020-35519

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel version v5.12-rc5

Description: An out-of-bounds memory access flaw was found in x25 bind in net/x25/af x25.c. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Recommendations: For Linux kernel version v5.12-rc5, consider restricting access to the x25 bind function in net/x25/af x25.c to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2020-35519

OESA-2021-1176

OPENSUSE-SU-2021:0532-1

OPENSUSE-SU-2021:0758-1

OPENSUSE-SU-2021:1975-1

OPENSUSE-SU-2021:1977-1

OPENSUSE-SU-2021_0532-1

OPENSUSE-SU-2021_0758-1

OPENSUSE-SU-2021_1975-1

OPENSUSE-SU-2021_1977-1

SUSE-SU-2021:1175-1

SUSE-SU-2021:1176-1

SUSE-SU-2021:1177-1

SUSE-SU-2021:1210-1

SUSE-SU-2021:1211-1

SUSE-SU-2021:1238-1

SUSE-SU-2021:14724-1

SUSE-SU-2021:1573-1

SUSE-SU-2021:1596-1

SUSE-SU-2021:1624-1

SUSE-SU-2021:1625-1

SUSE-SU-2021:1975-1

SUSE-SU-2021:1977-1

SUSE-SU-2021_14724-1

SUSE-SU-2022:0362-1

SUSE-SU-2022:0477-1

USN-4947-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2021-11783 · Linux+4 · Linux Kernel+4

CVE-2020-35519

Weakness Enumeration

Related Identifiers

Affected Products

References · 578