1. CVE-Search
  2. CVE-2020-0305
ID CVE-2020-0305
Summary In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
CVSS
Base: 4.4 (as of 03-02-2023 - 16:23)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
redhat via4
rpms
  • bpftool-0:4.18.0-240.el8
  • bpftool-debuginfo-0:4.18.0-240.el8
  • kernel-0:4.18.0-240.el8
  • kernel-abi-whitelists-0:4.18.0-240.el8
  • kernel-core-0:4.18.0-240.el8
  • kernel-cross-headers-0:4.18.0-240.el8
  • kernel-debug-0:4.18.0-240.el8
  • kernel-debug-core-0:4.18.0-240.el8
  • kernel-debug-debuginfo-0:4.18.0-240.el8
  • kernel-debug-devel-0:4.18.0-240.el8
  • kernel-debug-modules-0:4.18.0-240.el8
  • kernel-debug-modules-extra-0:4.18.0-240.el8
  • kernel-debuginfo-0:4.18.0-240.el8
  • kernel-debuginfo-common-aarch64-0:4.18.0-240.el8
  • kernel-debuginfo-common-ppc64le-0:4.18.0-240.el8
  • kernel-debuginfo-common-s390x-0:4.18.0-240.el8
  • kernel-debuginfo-common-x86_64-0:4.18.0-240.el8
  • kernel-devel-0:4.18.0-240.el8
  • kernel-doc-0:4.18.0-240.el8
  • kernel-headers-0:4.18.0-240.el8
  • kernel-modules-0:4.18.0-240.el8
  • kernel-modules-extra-0:4.18.0-240.el8
  • kernel-tools-0:4.18.0-240.el8
  • kernel-tools-debuginfo-0:4.18.0-240.el8
  • kernel-tools-libs-0:4.18.0-240.el8
  • kernel-tools-libs-devel-0:4.18.0-240.el8
  • kernel-zfcpdump-0:4.18.0-240.el8
  • kernel-zfcpdump-core-0:4.18.0-240.el8
  • kernel-zfcpdump-debuginfo-0:4.18.0-240.el8
  • kernel-zfcpdump-devel-0:4.18.0-240.el8
  • kernel-zfcpdump-modules-0:4.18.0-240.el8
  • kernel-zfcpdump-modules-extra-0:4.18.0-240.el8
  • perf-0:4.18.0-240.el8
  • perf-debuginfo-0:4.18.0-240.el8
  • python3-perf-0:4.18.0-240.el8
  • python3-perf-debuginfo-0:4.18.0-240.el8
  • kernel-rt-0:4.18.0-240.rt7.54.el8
  • kernel-rt-core-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8
  • kernel-rt-devel-0:4.18.0-240.rt7.54.el8
  • kernel-rt-kvm-0:4.18.0-240.rt7.54.el8
  • kernel-rt-modules-0:4.18.0-240.rt7.54.el8
  • kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8
refmap via4
confirm https://source.android.com/security/bulletin/pixel/2020-06-01
suse
  • openSUSE-SU-2020:1153
  • openSUSE-SU-2020:1236
Last major update 03-02-2023 - 16:23
Published 17-07-2020 - 20:15
Last modified 03-02-2023 - 16:23
Back to Top