CVE-2020-36310

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-36310
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8 Release Notes Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e Vendor Advisory
https://www.debian.org/security/2022/dsa-5095 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
History

18 Apr 2022, 19:27

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
References (DEBIAN) https://www.debian.org/security/2022/dsa-5095 - (DEBIAN) https://www.debian.org/security/2022/dsa-5095 - Third Party Advisory

10 Mar 2022, 17:41

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5095 -
Information

Published : 2021-04-07 00:15

Updated : 2024-02-04 21:47

NVD link : CVE-2020-36310

Mitre link : CVE-2020-36310

CVE.ORG link : CVE-2020-36310

JSON object : View

Products Affected

debian

  • debian_linux

linux

  • linux_kernel
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')