CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2020-25641 – kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS
https://notcve.org/view.php?id=CVE-2020-25641
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en la implementación de biovecs del kernel de Linux en versiones anteriores a 5.9-rc7. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html http://www.openwall.com/lists/oss-security/2020/10/06/9 https://bugzilla.redhat.com/show_bug.cgi?id=1881424 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124 https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/ • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2020-25643 – kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
https://notcve.org/view.php?id=CVE-2020-25643
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de corrupción de la memoria en el kernel de Linux en versiones anteriores a 5.9-rc7, en el módulo HDLC_PPP en la manera en que recibe paquetes malformados por el protocolo PPP. Un usuario remoto podría usar este fallo para bloquear el sistema o causar una denegación de servicio A flaw was found in the HDLC_PPP module of the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html https://bugzilla.redhat.com/show_bug.cgi?id=1879981 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105 https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/ • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2020-26541 – kernel: security bypass in certs/blacklist.c and certs/system_keyring.c
https://notcve.org/view.php?id=CVE-2020-26541
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. El kernel de Linux versiones hasta 5.8.13, no aplica apropiadamente el mecanismo de protección Secure Boot Forbidden Signature Database (también se conoce como dbx). Esto afecta a los archivos certs/blacklist.c y certs/system_keyring.c A flaw was found in the Linux kernel in certs/blacklist.c, When signature entries for EFI_CERT_X509_GUID are contained in the Secure Boot Forbidden Signature Database, the entries are skipped. This can cause a security threat and breach system integrity, confidentiality and even lead to a denial of service problem. • https://lkml.org/lkml/2020/9/15/1871 https://access.redhat.com/security/cve/CVE-2020-26541 https://bugzilla.redhat.com/show_bug.cgi?id=1886285 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-26088
https://notcve.org/view.php?id=CVE-2020-26088
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. Una falta de comprobación de CAP_NET_RAW en la creación de sockets NFC en el archivo net/nfc/rawsock.c en el Kernel de Linux versiones anteriores a 5.8.2, podría ser usada por unos atacantes locales para crear sockets sin procesar, omitiendo los mecanismos de seguridad, también se conoce como CID-26896f01467a. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.2 https://github.com/torvalds/linux/commit/26896f01467a28651f7a536143fe5ac8449d4041 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https: • CWE-276: Incorrect Default Permissions •
CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2020-14390
https://notcve.org/view.php?id=CVE-2020-14390
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Se encontró un fallo en el kernel de Linux en las versiones anteriores a 5.9-rc6. Cuando se cambia el tamaño de la pantalla, puede ocurrir una escritura de memoria fuera de límites conllevando a una corrupción de la memoria o una denegación de servicio.La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html https://bugzilla.redhat.com/show_bug.cgi?id=1876788 https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html • CWE-787: Out-of-bounds Write •