Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
References
| Link | Resource |
|---|---|
| https://lkml.org/lkml/2020/6/7/379 | Exploit Patch Vendor Advisory |
| https://security.netapp.com/advisory/ntap-20201218-0002/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
History
19 Oct 2022, 14:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | (CONFIRM) https://security.netapp.com/advisory/ntap-20201218-0002/ - Third Party Advisory | |
| CPE | cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fas_500f:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fabric-attached_storage_a400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:fabric-attached_storage_a400:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas_500f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:* |
Information
Published : 2020-11-23 21:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-15436
Mitre link : CVE-2020-15436
CVE.ORG link : CVE-2020-15436
JSON object : View
Products Affected
netapp
- h610s
- aff_a400
- fas_500f_firmware
- h610s_firmware
- a700s_firmware
- solidfire_baseboard_management_controller
- h615c
- aff_8700_firmware
- aff_500f_firmware
- fas_8700
- h410c_firmware
- aff_8300
- h610c
- fas_8300_firmware
- a250
- fas_500f
- a250_firmware
- fabric-attached_storage_a400
- aff_8700
- h615c_firmware
- fas_8300
- cloud_backup
- aff_a400_firmware
- fabric-attached_storage_a400_firmware
- aff_500f
- solidfire_\&_hci_management_node
- a700s
- h410c
- solidfire_baseboard_management_controller_firmware
- h610c_firmware
- aff_8300_firmware
- fas_8700_firmware
linux
- linux_kernel
broadcom
- brocade_fabric_operating_system_firmware
CWE
CWE-416
Use After Free