1. CVE-Search
  2. CVE-2020-0427
ID CVE-2020-0427
Summary In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*
    cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*
  • cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*
    cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*
  • cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*
    cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*
  • cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*
    cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*
  • cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*
    cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*
  • cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*
    cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*
CVSS
Base: 2.1 (as of 25-10-2022 - 16:12)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
refmap via4
misc https://source.android.com/security/bulletin/pixel/2020-09-01
mlist [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
suse
  • openSUSE-SU-2020:1586
  • openSUSE-SU-2020:1655
Last major update 25-10-2022 - 16:12
Published 17-09-2020 - 19:15
Last modified 25-10-2022 - 16:12
Back to Top