ID

VAR-202011-0423


CVE

CVE-2020-15436


TITLE

Linux Kernel  Vulnerability in using free memory in

Trust: 0.8

sources: JVNDB: JVNDB-2020-013950

DESCRIPTION

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Linux Kernel Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Bug fix: * RHACM 2.0.8 images (BZ #1915461) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1915461 - RHACM 2.0.8 images 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 5. 7.6) - ppc64, ppc64le, x86_64 3. Bug Fix(es): * [infiniband] Backport Request to fix Multicast Sendonly joins (BZ#1937820) 4. Bugs fixed (https://bugzilla.redhat.com/): 1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore 1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c 1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem 1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles 1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module 6. 7) - noarch, x86_64 3. Bug Fix(es): * kernel-rt: update to the latest RHEL7.9.z3 source tree (BZ#1906133) * [kernel-rt] WARNING: CPU: 8 PID: 586 at kernel/sched/core.c:3644 migrate_enable+0x15f/0x210 (BZ#1916123) * [kernel-rt-debug] [ BUG: bad unlock balance detected! ] [RHEL-7.9.z] (BZ#1916130) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:0336-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0336 Issue date: 2021-02-02 CVE Names: CVE-2020-15436 CVE-2020-35513 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in fs/block_dev.c (CVE-2020-15436) * kernel: Nfsd failure to clear umask after processing an open or create (CVE-2020-35513) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * double free issue in filelayout_alloc_commit_info (BZ#1679980) * Regression: Plantronics Device SHS2355-11 PTT button does not work after update to 7.7 (BZ#1769502) * Openstack network node reports unregister_netdevice: waiting for qr-3cec0c92-9a to become free. Usage count = 1 (BZ#1809519) * dlm: add ability to interrupt waiting for acquire POSIX lock (BZ#1826858) * [Azure][RHEL7] soft lockups and performance loss occurring during final fsync with parallel dd writes to xfs filesystem in azure instance (BZ#1859364) * Guest crashed when hotplug vcpus on booting kernel stage (BZ#1866138) * soft lockup occurs while a thread group leader is waiting on tasklist_waiters in mm_update_next_owner() where a huge number of the thread group members are exiting and trying to take the tasklist_lock. (BZ#1872110) * [DELL EMC 7.6 BUG] Kioxia CM6 NVMe drive fails to enumerate (BZ#1883403) * [Hyper-V][RHEL7] Request to included a commit that adds a timeout to vmbus_wait_for_unload (BZ#1888979) * Unable to discover the LUNs from new storage port (BZ#1889311) * RHEL 7.9 Kernel panic at ceph_put_snap_realm+0x21 (BZ#1890386) * A hard lockup occurrs where one task is looping in an sk_lock spinlock that has been taken by another task running timespec64_add_ns(). (BZ#1890911) * ethtool/mlx5_core provides incorrect SFP module info (BZ#1896756) * RHEL7.7 - zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (BZ#1896826) * RHEL7.7 - s390/dasd: Fix zero write for FBA devices (BZ#1896839) * [Azure]IP forwarding issue in netvsc[7.9.z] (BZ#1898280) * Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels (BZ#1917504) Enhancement(s): * RFE : handle better ERRbaduid on SMB1 (BZ#1847041) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c 1905208 - CVE-2020-35513 kernel: fix nfsd failure to clear umask after processing an open or create [rhel-7] 1911309 - CVE-2020-35513 kernel: Nfsd failure to clear umask after processing an open or create 1917504 - Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1160.15.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1160.15.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1160.15.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm ppc64: bpftool-3.10.0-1160.15.2.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-3.10.0-1160.15.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm kernel-devel-3.10.0-1160.15.2.el7.ppc64.rpm kernel-headers-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.ppc64.rpm perf-3.10.0-1160.15.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm python-perf-3.10.0-1160.15.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1160.15.2.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-devel-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-headers-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.ppc64le.rpm perf-3.10.0-1160.15.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm python-perf-3.10.0-1160.15.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm s390x: bpftool-3.10.0-1160.15.2.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-3.10.0-1160.15.2.el7.s390x.rpm kernel-debug-3.10.0-1160.15.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.15.2.el7.s390x.rpm kernel-devel-3.10.0-1160.15.2.el7.s390x.rpm kernel-headers-3.10.0-1160.15.2.el7.s390x.rpm kernel-kdump-3.10.0-1160.15.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.15.2.el7.s390x.rpm perf-3.10.0-1160.15.2.el7.s390x.rpm perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm python-perf-3.10.0-1160.15.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1160.15.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYBlBsdzjgjWX9erEAQhTZhAAmSFzEZeB0CWYNaJ2PVwoFm4PA9rdYDyg G1j/plxrO6bczNEz+XDnAzRPrCbJRPPt6VJxjpLkb25ph0f5tQ+Q7Ph7sAefSbDX BLDjjvl+Wd1g2FEfIQ43wDp8UWuFCVVMF3ajJHFz9ROqrA/1hs0gj7ht9gXRlttT LSI67A08tEWRPtaf5c1M8h/IJtZiF4sfYDrfhp4mFRTZYybTvVjML+xf69Qq7o2D AsxbyKRVNQKC0Epm6C+Tzbw6SxhonrAQyjADWenQ8bCS2TF8WY2OZA7sNs7nddZu Ha/mCB2vSR2WCWLGxCLXTtsK3y52qPIyUn4mBmatJUIBcbJMnQbgZgWrEcTobsoD N5MWdqE6xGjct0KMz0fV6J9D5JWQjUN4O8K0vVQP4aoAX25jMWCq14RLLRUvusJm dLI59E5nN1pLMlADiAAh2Iceac/daIF9fvWn2XoF16/ZQNffa0yCiNFaDg+AW4Tg Z/b82VoOiz7uJWyv06TMcljafEaIxjpnjGmpKQ2qz8UYoxYYsnRyKpHJxLeiB53A TKbkiQJoFutNeUcbBSA6F6sqLlaJ7CtoyzxsVVwM+LtYF1iUXqC+Hp6Gs5NB8WXr JQSrrv0X0H7sAu7FHCyL/ygMQK/IiZKiPxiRBZJH6pJz5OL8GVKxR1CSZmHXvgKo QPLPtfMOGPs=Hdxh -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - aarch64, noarch, ppc64le 3. ========================================================================== Ubuntu Security Notice USN-4752-1 February 25, 2021 linux-oem-5.6 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oem-5.6: Linux kernel for OEM systems Details: Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135) Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314) It was discovered that the block layer implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-15436) It was discovered that the serial port driver in the Linux kernel did not properly initialize a pointer in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-15437) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212) It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284) It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641) It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) It was discovered that the KVM hypervisor in the Linux kernel did not properly handle interrupts in certain situations. A local attacker in a guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2020-27152) It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588) It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915) Jann Horn discovered a race condition in the copy-on-write implementation in the Linux kernel when handling hugepages. A local attacker could use this to gain unintended write access to read-only memory pages. (CVE-2020-29368) Jann Horn discovered that the mmap implementation in the Linux kernel contained a race condition when handling munmap() operations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-29369) Jann Horn discovered that the romfs file system in the Linux kernel did not properly validate file system meta-data, leading to an out-of-bounds read. An attacker could use this to construct a malicious romfs image that, when mounted, exposed sensitive information (kernel memory). (CVE-2020-29371) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. (CVE-2020-29660) Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) It was discovered that a race condition existed that caused the Linux kernel to not properly restrict exit signal delivery. A local attacker could possibly use this to send signals to arbitrary processes. (CVE-2020-35508) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.6.0-1048-oem 5.6.0-1048.52 linux-image-oem-20.04 5.6.0.1048.44 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4752-1 CVE-2020-10135, CVE-2020-14314, CVE-2020-15436, CVE-2020-15437, CVE-2020-24490, CVE-2020-25212, CVE-2020-25284, CVE-2020-25641, CVE-2020-25643, CVE-2020-25704, CVE-2020-27152, CVE-2020-27815, CVE-2020-28588, CVE-2020-28915, CVE-2020-29368, CVE-2020-29369, CVE-2020-29371, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1048.52

Trust: 2.43

sources: NVD: CVE-2020-15436 // JVNDB: JVNDB-2020-013950 // VULHUB: VHN-168414 // VULMON: CVE-2020-15436 // PACKETSTORM: 161656 // PACKETSTORM: 163248 // PACKETSTORM: 162346 // PACKETSTORM: 161259 // PACKETSTORM: 161258 // PACKETSTORM: 161250 // PACKETSTORM: 161556

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:gteversion:4.15

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:netappmodel:aff 500fscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h610cscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:2.6.38

Trust: 1.0

vendor:netappmodel:aff a400scope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfire \& hci management nodescope:eqversion: -

Trust: 1.0

vendor:netappmodel:fas 8700scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.186

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.130

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.5

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.49

Trust: 1.0

vendor:netappmodel:fabric-attached storage a400scope:eqversion: -

Trust: 1.0

vendor:netappmodel:a700sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:netappmodel:aff 8300scope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h610sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:fas 8300scope:eqversion: -

Trust: 1.0

vendor:netappmodel:a250scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.229

Trust: 1.0

vendor:netappmodel:h615cscope:eqversion: -

Trust: 1.0

vendor:netappmodel:fas 500fscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.10

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.229

Trust: 1.0

vendor:broadcommodel:brocade fabric operating systemscope:eqversion: -

Trust: 1.0

vendor:netappmodel:aff 8700scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.7.6

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.8

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-013950 // NVD: CVE-2020-15436

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-15436
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-15436
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202011-1793
value: MEDIUM

Trust: 0.6

VULHUB: VHN-168414
value: HIGH

Trust: 0.1

VULMON: CVE-2020-15436
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-15436
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-168414
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-15436
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-15436
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-168414 // VULMON: CVE-2020-15436 // JVNDB: JVNDB-2020-013950 // CNNVD: CNNVD-202011-1793 // NVD: CVE-2020-15436

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.1

problemtype:Use of freed memory (CWE-416) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-168414 // JVNDB: JVNDB-2020-013950 // NVD: CVE-2020-15436

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 161556 // CNNVD: CNNVD-202011-1793

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202011-1793

PATCH

title:Fix use-after-free in blkdev_get()url:http://www.kernel.org

Trust: 0.8

title:Linux kernel Remediation of resource management error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=136428

Trust: 0.6

title:Red Hat: Moderate: kernel-rt security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210338 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: kernel security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210336 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel-alt security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210354 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210607 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner affect IBM Spectrum Protect Plusurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ddbe78143bb073890c2ecb87b35850bf

Trust: 0.1

title:IBM: Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e9d6f12dfd14652e2bb7e5c28ded162b

Trust: 0.1

sources: VULMON: CVE-2020-15436 // JVNDB: JVNDB-2020-013950 // CNNVD: CNNVD-202011-1793

EXTERNAL IDS

db:NVDid:CVE-2020-15436

Trust: 4.1

db:PACKETSTORMid:162346

Trust: 0.8

db:PACKETSTORMid:161556

Trust: 0.8

db:PACKETSTORMid:163248

Trust: 0.8

db:PACKETSTORMid:161656

Trust: 0.8

db:PACKETSTORMid:161250

Trust: 0.8

db:ICS CERTid:ICSA-24-074-07

Trust: 0.8

db:JVNid:JVNVU93656033

Trust: 0.8

db:JVNDBid:JVNDB-2020-013950

Trust: 0.8

db:CNNVDid:CNNVD-202011-1793

Trust: 0.7

db:AUSCERTid:ESB-2021.0377

Trust: 0.6

db:AUSCERTid:ESB-2021.1148

Trust: 0.6

db:AUSCERTid:ESB-2021.2203

Trust: 0.6

db:AUSCERTid:ESB-2021.0589

Trust: 0.6

db:AUSCERTid:ESB-2021.2604

Trust: 0.6

db:AUSCERTid:ESB-2021.1436

Trust: 0.6

db:AUSCERTid:ESB-2020.4391

Trust: 0.6

db:AUSCERTid:ESB-2020.4341

Trust: 0.6

db:AUSCERTid:ESB-2021.0365

Trust: 0.6

db:AUSCERTid:ESB-2021.0791

Trust: 0.6

db:AUSCERTid:ESB-2020.4377

Trust: 0.6

db:AUSCERTid:ESB-2021.0166

Trust: 0.6

db:AUSCERTid:ESB-2020.4410

Trust: 0.6

db:AUSCERTid:ESB-2022.6112

Trust: 0.6

db:AUSCERTid:ESB-2021.0717

Trust: 0.6

db:CS-HELPid:SB2021042828

Trust: 0.6

db:CS-HELPid:SB2021062303

Trust: 0.6

db:PACKETSTORMid:161258

Trust: 0.2

db:PACKETSTORMid:161259

Trust: 0.2

db:CNVDid:CNVD-2020-66297

Trust: 0.1

db:VULHUBid:VHN-168414

Trust: 0.1

db:VULMONid:CVE-2020-15436

Trust: 0.1

sources: VULHUB: VHN-168414 // VULMON: CVE-2020-15436 // JVNDB: JVNDB-2020-013950 // PACKETSTORM: 161656 // PACKETSTORM: 163248 // PACKETSTORM: 162346 // PACKETSTORM: 161259 // PACKETSTORM: 161258 // PACKETSTORM: 161250 // PACKETSTORM: 161556 // CNNVD: CNNVD-202011-1793 // NVD: CVE-2020-15436

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-15436

Trust: 2.1

url:https://security.netapp.com/advisory/ntap-20201218-0002/

Trust: 1.8

url:https://lkml.org/lkml/2020/6/7/379

Trust: 1.8

url:https://jvn.jp/vu/jvnvu93656033/index.html

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07

Trust: 0.8

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-the-linux-kernel-samba-sudo-python-and-tcmu-runner-affect-ibm-spectrum-protect-plus/

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-15436

Trust: 0.6

url:https://source.android.com/security/bulletin/2021-04-01

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4391/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0717

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4377/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4410/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1148

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4341/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042828

Trust: 0.6

url:https://packetstormsecurity.com/files/163248/red-hat-security-advisory-2021-2523-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/161250/red-hat-security-advisory-2021-0354-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2203

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062303

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6112

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0365/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0377/

Trust: 0.6

url:https://packetstormsecurity.com/files/161656/red-hat-security-advisory-2021-0719-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162346/red-hat-security-advisory-2021-1376-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0589

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1436

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2604

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0791

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0166/

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-use-after-free-via-blkdev-get-34039

Trust: 0.6

url:https://packetstormsecurity.com/files/161556/ubuntu-security-notice-usn-4752-1.html

Trust: 0.6

url:https://access.redhat.com/articles/11258

Trust: 0.5

url:https://access.redhat.com/security/team/key/

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-29661

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-35513

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-35513

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2021:0338

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29661

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/416.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20230

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12723

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3121

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10878

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0719

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3121

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20230

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12723

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10543

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10878

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12362

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2523

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27364

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1376

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28374

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27364

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27365

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27365

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28374

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0336

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0354

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1749

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1749

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29660

Trust: 0.1

url:https://usn.ubuntu.com/4752-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25212

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24490

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10135

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25641

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15437

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1048.52

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29369

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27152

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28915

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25704

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27815

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25284

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25643

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28588

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14314

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29371

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29368

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35508

Trust: 0.1

sources: VULHUB: VHN-168414 // VULMON: CVE-2020-15436 // JVNDB: JVNDB-2020-013950 // PACKETSTORM: 161656 // PACKETSTORM: 163248 // PACKETSTORM: 162346 // PACKETSTORM: 161259 // PACKETSTORM: 161258 // PACKETSTORM: 161250 // PACKETSTORM: 161556 // CNNVD: CNNVD-202011-1793 // NVD: CVE-2020-15436

CREDITS

Red Hat

Trust: 1.2

sources: PACKETSTORM: 161656 // PACKETSTORM: 163248 // PACKETSTORM: 162346 // PACKETSTORM: 161259 // PACKETSTORM: 161258 // PACKETSTORM: 161250 // CNNVD: CNNVD-202011-1793

SOURCES

db:VULHUBid:VHN-168414
db:VULMONid:CVE-2020-15436
db:JVNDBid:JVNDB-2020-013950
db:PACKETSTORMid:161656
db:PACKETSTORMid:163248
db:PACKETSTORMid:162346
db:PACKETSTORMid:161259
db:PACKETSTORMid:161258
db:PACKETSTORMid:161250
db:PACKETSTORMid:161556
db:CNNVDid:CNNVD-202011-1793
db:NVDid:CVE-2020-15436

LAST UPDATE DATE

2024-08-14T12:30:44.343000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-168414date:2022-10-19T00:00:00
db:VULMONid:CVE-2020-15436date:2020-12-18T00:00:00
db:JVNDBid:JVNDB-2020-013950date:2024-03-22T07:12:00
db:CNNVDid:CNNVD-202011-1793date:2022-11-24T00:00:00
db:NVDid:CVE-2020-15436date:2023-10-12T13:31:04.563

SOURCES RELEASE DATE

db:VULHUBid:VHN-168414date:2020-11-23T00:00:00
db:VULMONid:CVE-2020-15436date:2020-11-23T00:00:00
db:JVNDBid:JVNDB-2020-013950date:2021-07-16T00:00:00
db:PACKETSTORMid:161656date:2021-03-04T15:33:19
db:PACKETSTORMid:163248date:2021-06-22T19:41:34
db:PACKETSTORMid:162346date:2021-04-27T15:32:47
db:PACKETSTORMid:161259date:2021-02-02T16:13:04
db:PACKETSTORMid:161258date:2021-02-02T16:12:50
db:PACKETSTORMid:161250date:2021-02-02T16:11:22
db:PACKETSTORMid:161556date:2021-02-25T15:31:12
db:CNNVDid:CNNVD-202011-1793date:2020-11-23T00:00:00
db:NVDid:CVE-2020-15436date:2020-11-23T21:15:11.813