var-202011-0423
Vulnerability from variot

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Linux Kernel Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.

Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.

Bug fix:

  • RHACM 2.0.8 images (BZ #1915461)

  • Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):

1915461 - RHACM 2.0.8 images 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation

  1. 7.6) - ppc64, ppc64le, x86_64

Bug Fix(es):

  • [infiniband] Backport Request to fix Multicast Sendonly joins (BZ#1937820)

  • Bugs fixed (https://bugzilla.redhat.com/):

1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore 1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c 1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem 1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles 1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module

  1. 7) - noarch, x86_64

Bug Fix(es):

  • kernel-rt: update to the latest RHEL7.9.z3 source tree (BZ#1906133)

  • [kernel-rt] WARNING: CPU: 8 PID: 586 at kernel/sched/core.c:3644 migrate_enable+0x15f/0x210 (BZ#1916123)

  • [kernel-rt-debug] [ BUG: bad unlock balance detected! ] [RHEL-7.9.z] (BZ#1916130)

  • -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:0336-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0336 Issue date: 2021-02-02 CVE Names: CVE-2020-15436 CVE-2020-35513 ==================================================================== 1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free in fs/block_dev.c (CVE-2020-15436)

  • kernel: Nfsd failure to clear umask after processing an open or create (CVE-2020-35513)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • double free issue in filelayout_alloc_commit_info (BZ#1679980)

  • Regression: Plantronics Device SHS2355-11 PTT button does not work after update to 7.7 (BZ#1769502)

  • Openstack network node reports unregister_netdevice: waiting for qr-3cec0c92-9a to become free. Usage count = 1 (BZ#1809519)

  • dlm: add ability to interrupt waiting for acquire POSIX lock (BZ#1826858)

  • [Azure][RHEL7] soft lockups and performance loss occurring during final fsync with parallel dd writes to xfs filesystem in azure instance (BZ#1859364)

  • Guest crashed when hotplug vcpus on booting kernel stage (BZ#1866138)

  • soft lockup occurs while a thread group leader is waiting on tasklist_waiters in mm_update_next_owner() where a huge number of the thread group members are exiting and trying to take the tasklist_lock. (BZ#1872110)

  • [DELL EMC 7.6 BUG] Kioxia CM6 NVMe drive fails to enumerate (BZ#1883403)

  • [Hyper-V][RHEL7] Request to included a commit that adds a timeout to vmbus_wait_for_unload (BZ#1888979)

  • Unable to discover the LUNs from new storage port (BZ#1889311)

  • RHEL 7.9 Kernel panic at ceph_put_snap_realm+0x21 (BZ#1890386)

  • A hard lockup occurrs where one task is looping in an sk_lock spinlock that has been taken by another task running timespec64_add_ns(). (BZ#1890911)

  • ethtool/mlx5_core provides incorrect SFP module info (BZ#1896756)

  • RHEL7.7 - zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (BZ#1896826)

  • RHEL7.7 - s390/dasd: Fix zero write for FBA devices (BZ#1896839)

  • [Azure]IP forwarding issue in netvsc[7.9.z] (BZ#1898280)

  • Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels (BZ#1917504)

Enhancement(s):

  • RFE : handle better ERRbaduid on SMB1 (BZ#1847041)

  • Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c 1905208 - CVE-2020-35513 kernel: fix nfsd failure to clear umask after processing an open or create [rhel-7] 1911309 - CVE-2020-35513 kernel: Nfsd failure to clear umask after processing an open or create 1917504 - Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels

  1. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source: kernel-3.10.0-1160.15.2.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source: kernel-3.10.0-1160.15.2.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source: kernel-3.10.0-1160.15.2.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

ppc64: bpftool-3.10.0-1160.15.2.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-3.10.0-1160.15.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm kernel-devel-3.10.0-1160.15.2.el7.ppc64.rpm kernel-headers-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.ppc64.rpm perf-3.10.0-1160.15.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm python-perf-3.10.0-1160.15.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm

ppc64le: bpftool-3.10.0-1160.15.2.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-devel-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-headers-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.ppc64le.rpm perf-3.10.0-1160.15.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm python-perf-3.10.0-1160.15.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm

s390x: bpftool-3.10.0-1160.15.2.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-3.10.0-1160.15.2.el7.s390x.rpm kernel-debug-3.10.0-1160.15.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.15.2.el7.s390x.rpm kernel-devel-3.10.0-1160.15.2.el7.s390x.rpm kernel-headers-3.10.0-1160.15.2.el7.s390x.rpm kernel-kdump-3.10.0-1160.15.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.15.2.el7.s390x.rpm perf-3.10.0-1160.15.2.el7.s390x.rpm perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm python-perf-3.10.0-1160.15.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm

x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64: bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm

ppc64le: bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm

x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source: kernel-3.10.0-1160.15.2.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

x86_64: bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64: bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBYBlBsdzjgjWX9erEAQhTZhAAmSFzEZeB0CWYNaJ2PVwoFm4PA9rdYDyg G1j/plxrO6bczNEz+XDnAzRPrCbJRPPt6VJxjpLkb25ph0f5tQ+Q7Ph7sAefSbDX BLDjjvl+Wd1g2FEfIQ43wDp8UWuFCVVMF3ajJHFz9ROqrA/1hs0gj7ht9gXRlttT LSI67A08tEWRPtaf5c1M8h/IJtZiF4sfYDrfhp4mFRTZYybTvVjML+xf69Qq7o2D AsxbyKRVNQKC0Epm6C+Tzbw6SxhonrAQyjADWenQ8bCS2TF8WY2OZA7sNs7nddZu Ha/mCB2vSR2WCWLGxCLXTtsK3y52qPIyUn4mBmatJUIBcbJMnQbgZgWrEcTobsoD N5MWdqE6xGjct0KMz0fV6J9D5JWQjUN4O8K0vVQP4aoAX25jMWCq14RLLRUvusJm dLI59E5nN1pLMlADiAAh2Iceac/daIF9fvWn2XoF16/ZQNffa0yCiNFaDg+AW4Tg Z/b82VoOiz7uJWyv06TMcljafEaIxjpnjGmpKQ2qz8UYoxYYsnRyKpHJxLeiB53A TKbkiQJoFutNeUcbBSA6F6sqLlaJ7CtoyzxsVVwM+LtYF1iUXqC+Hp6Gs5NB8WXr JQSrrv0X0H7sAu7FHCyL/ygMQK/IiZKiPxiRBZJH6pJz5OL8GVKxR1CSZmHXvgKo QPLPtfMOGPs=Hdxh -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - aarch64, noarch, ppc64le

  1. ========================================================================== Ubuntu Security Notice USN-4752-1 February 25, 2021

linux-oem-5.6 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description: - linux-oem-5.6: Linux kernel for OEM systems

Details:

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135)

Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314)

It was discovered that the block layer implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-15436)

It was discovered that the serial port driver in the Linux kernel did not properly initialize a pointer in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-15437)

Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490)

It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)

It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284)

It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641)

It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643)

Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704)

It was discovered that the KVM hypervisor in the Linux kernel did not properly handle interrupts in certain situations. A local attacker in a guest VM could possibly use this to cause a denial of service (host system crash). (CVE-2020-27152)

It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815)

It was discovered that an information leak existed in the syscall implementation in the Linux kernel on 32 bit systems. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28588)

It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915)

Jann Horn discovered a race condition in the copy-on-write implementation in the Linux kernel when handling hugepages. A local attacker could use this to gain unintended write access to read-only memory pages. (CVE-2020-29368)

Jann Horn discovered that the mmap implementation in the Linux kernel contained a race condition when handling munmap() operations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-29369)

Jann Horn discovered that the romfs file system in the Linux kernel did not properly validate file system meta-data, leading to an out-of-bounds read. An attacker could use this to construct a malicious romfs image that, when mounted, exposed sensitive information (kernel memory). (CVE-2020-29371)

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. (CVE-2020-29660)

Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)

It was discovered that a race condition existed that caused the Linux kernel to not properly restrict exit signal delivery. A local attacker could possibly use this to send signals to arbitrary processes. (CVE-2020-35508)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS: linux-image-5.6.0-1048-oem 5.6.0-1048.52 linux-image-oem-20.04 5.6.0.1048.44

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References: https://usn.ubuntu.com/4752-1 CVE-2020-10135, CVE-2020-14314, CVE-2020-15436, CVE-2020-15437, CVE-2020-24490, CVE-2020-25212, CVE-2020-25284, CVE-2020-25641, CVE-2020-25643, CVE-2020-25704, CVE-2020-27152, CVE-2020-27815, CVE-2020-28588, CVE-2020-28915, CVE-2020-29368, CVE-2020-29369, CVE-2020-29371, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508

Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1048.52

Show details on source website


{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202011-0423",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "kernel",
            scope: "gte",
            trust: 1,
            vendor: "linux",
            version: "5.5",
         },
         {
            model: "kernel",
            scope: "gte",
            trust: 1,
            vendor: "linux",
            version: "4.15",
         },
         {
            model: "aff a400",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "brocade fabric operating system",
            scope: "eq",
            trust: 1,
            vendor: "broadcom",
            version: null,
         },
         {
            model: "solidfire \\& hci management node",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "h610c",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "kernel",
            scope: "lt",
            trust: 1,
            vendor: "linux",
            version: "4.4.229",
         },
         {
            model: "kernel",
            scope: "gte",
            trust: 1,
            vendor: "linux",
            version: "4.5",
         },
         {
            model: "kernel",
            scope: "lt",
            trust: 1,
            vendor: "linux",
            version: "4.9.229",
         },
         {
            model: "a700s",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "kernel",
            scope: "lt",
            trust: 1,
            vendor: "linux",
            version: "5.7.6",
         },
         {
            model: "fas 8700",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "kernel",
            scope: "gte",
            trust: 1,
            vendor: "linux",
            version: "4.10",
         },
         {
            model: "fabric-attached storage a400",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "h615c",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "aff 8700",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "aff 8300",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "fas 500f",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "solidfire baseboard management controller",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "h410c",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "a250",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "kernel",
            scope: "lt",
            trust: 1,
            vendor: "linux",
            version: "4.14.186",
         },
         {
            model: "aff 500f",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "cloud backup",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "h610s",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "kernel",
            scope: "gte",
            trust: 1,
            vendor: "linux",
            version: "4.20",
         },
         {
            model: "kernel",
            scope: "lt",
            trust: 1,
            vendor: "linux",
            version: "5.4.49",
         },
         {
            model: "kernel",
            scope: "gte",
            trust: 1,
            vendor: "linux",
            version: "2.6.38",
         },
         {
            model: "kernel",
            scope: "lt",
            trust: 1,
            vendor: "linux",
            version: "4.19.130",
         },
         {
            model: "fas 8300",
            scope: "eq",
            trust: 1,
            vendor: "netapp",
            version: null,
         },
         {
            model: "kernel",
            scope: "eq",
            trust: 0.8,
            vendor: "linux",
            version: "5.8",
         },
         {
            model: "kernel",
            scope: "eq",
            trust: 0.8,
            vendor: "linux",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Red Hat",
      sources: [
         {
            db: "PACKETSTORM",
            id: "161656",
         },
         {
            db: "PACKETSTORM",
            id: "163248",
         },
         {
            db: "PACKETSTORM",
            id: "162346",
         },
         {
            db: "PACKETSTORM",
            id: "161259",
         },
         {
            db: "PACKETSTORM",
            id: "161258",
         },
         {
            db: "PACKETSTORM",
            id: "161250",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
      ],
      trust: 1.2,
   },
   cve: "CVE-2020-15436",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "LOW",
                  accessVector: "LOCAL",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "COMPLETE",
                  baseScore: 7.2,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 3.9,
                  id: "CVE-2020-15436",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 1.9,
                  vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "LOCAL",
                  authentication: "NONE",
                  author: "VULHUB",
                  availabilityImpact: "COMPLETE",
                  baseScore: 7.2,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 3.9,
                  id: "VHN-168414",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 0.1,
                  vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 0.8,
                  id: "CVE-2020-15436",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Local",
                  author: "NVD",
                  availabilityImpact: "High",
                  baseScore: 6.7,
                  baseSeverity: "Medium",
                  confidentialityImpact: "High",
                  exploitabilityScore: null,
                  id: "CVE-2020-15436",
                  impactScore: null,
                  integrityImpact: "High",
                  privilegesRequired: "High",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2020-15436",
                  trust: 1,
                  value: "MEDIUM",
               },
               {
                  author: "NVD",
                  id: "CVE-2020-15436",
                  trust: 0.8,
                  value: "Medium",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202011-1793",
                  trust: 0.6,
                  value: "MEDIUM",
               },
               {
                  author: "VULHUB",
                  id: "VHN-168414",
                  trust: 0.1,
                  value: "HIGH",
               },
               {
                  author: "VULMON",
                  id: "CVE-2020-15436",
                  trust: 0.1,
                  value: "HIGH",
               },
            ],
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Linux Kernel Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console—with security policy built in. \n\nBug fix:\n\n* RHACM 2.0.8 images (BZ #1915461)\n\n3. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n1915461 - RHACM 2.0.8 images\n1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation\n\n5. 7.6) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* [infiniband] Backport Request to fix Multicast Sendonly joins\n(BZ#1937820)\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore\n1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c\n1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem\n1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles\n1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module\n\n6. 7) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* kernel-rt: update to the latest RHEL7.9.z3 source tree (BZ#1906133)\n\n* [kernel-rt] WARNING: CPU: 8 PID: 586 at kernel/sched/core.c:3644\nmigrate_enable+0x15f/0x210 (BZ#1916123)\n\n* [kernel-rt-debug] [ BUG: bad unlock balance detected! ] [RHEL-7.9.z]\n(BZ#1916130)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Moderate: kernel security, bug fix, and enhancement update\nAdvisory ID:       RHSA-2021:0336-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2021:0336\nIssue date:        2021-02-02\nCVE Names:         CVE-2020-15436 CVE-2020-35513\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* kernel: use-after-free in fs/block_dev.c (CVE-2020-15436)\n\n* kernel: Nfsd failure to clear umask after processing an open or create\n(CVE-2020-35513)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* double free issue in filelayout_alloc_commit_info (BZ#1679980)\n\n* Regression: Plantronics Device SHS2355-11 PTT button does not work after\nupdate to 7.7 (BZ#1769502)\n\n* Openstack network node reports unregister_netdevice: waiting for\nqr-3cec0c92-9a to become free. Usage count = 1 (BZ#1809519)\n\n* dlm: add ability to interrupt waiting for acquire POSIX lock (BZ#1826858)\n\n* [Azure][RHEL7] soft lockups and performance loss occurring during final\nfsync with parallel dd writes to xfs filesystem in azure instance\n(BZ#1859364)\n\n* Guest crashed when hotplug vcpus on booting kernel stage (BZ#1866138)\n\n* soft lockup occurs while a thread group leader is waiting on\ntasklist_waiters in mm_update_next_owner() where a huge number of the\nthread group members are exiting and trying to take the tasklist_lock. \n(BZ#1872110)\n\n* [DELL EMC 7.6 BUG] Kioxia CM6 NVMe drive fails to enumerate (BZ#1883403)\n\n* [Hyper-V][RHEL7] Request to included a commit that adds a timeout to\nvmbus_wait_for_unload (BZ#1888979)\n\n* Unable to discover the LUNs from new storage port (BZ#1889311)\n\n* RHEL 7.9 Kernel panic at ceph_put_snap_realm+0x21 (BZ#1890386)\n\n* A hard lockup occurrs where one task is looping in an sk_lock spinlock\nthat has been taken by another task running timespec64_add_ns(). \n(BZ#1890911)\n\n* ethtool/mlx5_core provides incorrect SFP module info (BZ#1896756)\n\n* RHEL7.7 - zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (BZ#1896826)\n\n* RHEL7.7 - s390/dasd: Fix zero write for FBA devices (BZ#1896839)\n\n* [Azure]IP forwarding issue in netvsc[7.9.z] (BZ#1898280)\n\n* Security patch for CVE-2020-25212 breaks directory listings via 'ls' on\nNFS V4.2 shares mounted with selinux enabled labels (BZ#1917504)\n\nEnhancement(s):\n\n* RFE : handle better ERRbaduid on SMB1 (BZ#1847041)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c\n1905208 - CVE-2020-35513 kernel: fix nfsd failure to clear umask after processing an open or create [rhel-7]\n1911309 - CVE-2020-35513 kernel: Nfsd failure to clear umask after processing an open or create\n1917504 - Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-1160.15.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.15.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.15.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-1160.15.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.15.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.15.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-1160.15.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.15.2.el7.noarch.rpm\n\nppc64:\nbpftool-3.10.0-1160.15.2.el7.ppc64.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debug-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-devel-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-headers-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-tools-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-1160.15.2.el7.ppc64.rpm\nperf-3.10.0-1160.15.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\npython-perf-3.10.0-1160.15.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\n\nppc64le:\nbpftool-3.10.0-1160.15.2.el7.ppc64le.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debug-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-devel-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-headers-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-tools-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-1160.15.2.el7.ppc64le.rpm\nperf-3.10.0-1160.15.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\npython-perf-3.10.0-1160.15.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\n\ns390x:\nbpftool-3.10.0-1160.15.2.el7.s390x.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-debug-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-devel-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-headers-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-kdump-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-1160.15.2.el7.s390x.rpm\nperf-3.10.0-1160.15.2.el7.s390x.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm\npython-perf-3.10.0-1160.15.2.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-1160.15.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm\n\nppc64le:\nbpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-1160.15.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.15.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.15.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYBlBsdzjgjWX9erEAQhTZhAAmSFzEZeB0CWYNaJ2PVwoFm4PA9rdYDyg\nG1j/plxrO6bczNEz+XDnAzRPrCbJRPPt6VJxjpLkb25ph0f5tQ+Q7Ph7sAefSbDX\nBLDjjvl+Wd1g2FEfIQ43wDp8UWuFCVVMF3ajJHFz9ROqrA/1hs0gj7ht9gXRlttT\nLSI67A08tEWRPtaf5c1M8h/IJtZiF4sfYDrfhp4mFRTZYybTvVjML+xf69Qq7o2D\nAsxbyKRVNQKC0Epm6C+Tzbw6SxhonrAQyjADWenQ8bCS2TF8WY2OZA7sNs7nddZu\nHa/mCB2vSR2WCWLGxCLXTtsK3y52qPIyUn4mBmatJUIBcbJMnQbgZgWrEcTobsoD\nN5MWdqE6xGjct0KMz0fV6J9D5JWQjUN4O8K0vVQP4aoAX25jMWCq14RLLRUvusJm\ndLI59E5nN1pLMlADiAAh2Iceac/daIF9fvWn2XoF16/ZQNffa0yCiNFaDg+AW4Tg\nZ/b82VoOiz7uJWyv06TMcljafEaIxjpnjGmpKQ2qz8UYoxYYsnRyKpHJxLeiB53A\nTKbkiQJoFutNeUcbBSA6F6sqLlaJ7CtoyzxsVVwM+LtYF1iUXqC+Hp6Gs5NB8WXr\nJQSrrv0X0H7sAu7FHCyL/ygMQK/IiZKiPxiRBZJH6pJz5OL8GVKxR1CSZmHXvgKo\nQPLPtfMOGPs=Hdxh\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - aarch64, noarch, ppc64le\n\n3. ==========================================================================\nUbuntu Security Notice USN-4752-1\nFebruary 25, 2021\n\nlinux-oem-5.6 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-oem-5.6: Linux kernel for OEM systems\n\nDetails:\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered\nthat legacy pairing and secure-connections pairing authentication in the\nBluetooth protocol could allow an unauthenticated user to complete\nauthentication without pairing credentials via adjacent access. A\nphysically proximate attacker could use this to impersonate a previously\npaired Bluetooth device. (CVE-2020-10135)\n\nJay Shin discovered that the ext4 file system implementation in the Linux\nkernel did not properly handle directory access with broken indexing,\nleading to an out-of-bounds read vulnerability. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2020-14314)\n\nIt was discovered that the block layer implementation in the Linux kernel\ndid not properly perform reference counting in some situations, leading to\na use-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2020-15436)\n\nIt was discovered that the serial port driver in the Linux kernel did not\nproperly initialize a pointer in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash). \n(CVE-2020-15437)\n\nAndy Nguyen discovered that the Bluetooth HCI event packet parser in the\nLinux kernel did not properly handle event advertisements of certain sizes,\nleading to a heap-based buffer overflow. A physically proximate remote\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2020-24490)\n\nIt was discovered that the NFS client implementation in the Linux kernel\ndid not properly perform bounds checking before copying security labels in\nsome situations. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2020-25212)\n\nIt was discovered that the Rados block device (rbd) driver in the Linux\nkernel did not properly perform privilege checks for access to rbd devices\nin some situations. A local attacker could use this to map or unmap rbd\nblock devices. (CVE-2020-25284)\n\nIt was discovered that the block layer subsystem in the Linux kernel did\nnot properly handle zero-length requests. A local attacker could use this\nto cause a denial of service. (CVE-2020-25641)\n\nIt was discovered that the HDLC PPP implementation in the Linux kernel did\nnot properly validate input in some situations. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2020-25643)\n\nKiyin (尹亮) discovered that the perf subsystem in the Linux kernel did\nnot properly deallocate memory in some situations. A privileged attacker\ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2020-25704)\n\nIt was discovered that the KVM hypervisor in the Linux kernel did not\nproperly handle interrupts in certain situations. A local attacker in a\nguest VM could possibly use this to cause a denial of service (host system\ncrash). (CVE-2020-27152)\n\nIt was discovered that the jfs file system implementation in the Linux\nkernel contained an out-of-bounds read vulnerability. A local attacker\ncould use this to possibly cause a denial of service (system crash). \n(CVE-2020-27815)\n\nIt was discovered that an information leak existed in the syscall\nimplementation in the Linux kernel on 32 bit systems. A local attacker\ncould use this to expose sensitive information (kernel memory). \n(CVE-2020-28588)\n\nIt was discovered that the framebuffer implementation in the Linux kernel\ndid not properly perform range checks in certain situations. A local\nattacker could use this to expose sensitive information (kernel memory). \n(CVE-2020-28915)\n\nJann Horn discovered a race condition in the copy-on-write implementation\nin the Linux kernel when handling hugepages. A local attacker could use\nthis to gain unintended write access to read-only memory pages. \n(CVE-2020-29368)\n\nJann Horn discovered that the mmap implementation in the Linux kernel\ncontained a race condition when handling munmap() operations, leading to a\nread-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly expose sensitive information. \n(CVE-2020-29369)\n\nJann Horn discovered that the romfs file system in the Linux kernel did not\nproperly validate file system meta-data, leading to an out-of-bounds read. \nAn attacker could use this to construct a malicious romfs image that, when\nmounted, exposed sensitive information (kernel memory). (CVE-2020-29371)\n\nJann Horn discovered that the tty subsystem of the Linux kernel did not use\nconsistent locking in some situations, leading to a read-after-free\nvulnerability. \n(CVE-2020-29660)\n\nJann Horn discovered a race condition in the tty subsystem of the Linux\nkernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-\nfree vulnerability. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2020-29661)\n\nIt was discovered that a race condition existed that caused the Linux\nkernel to not properly restrict exit signal delivery. A local attacker\ncould possibly use this to send signals to arbitrary processes. \n(CVE-2020-35508)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n  linux-image-5.6.0-1048-oem      5.6.0-1048.52\n  linux-image-oem-20.04           5.6.0.1048.44\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n  https://usn.ubuntu.com/4752-1\n  CVE-2020-10135, CVE-2020-14314, CVE-2020-15436, CVE-2020-15437,\n  CVE-2020-24490, CVE-2020-25212, CVE-2020-25284, CVE-2020-25641,\n  CVE-2020-25643, CVE-2020-25704, CVE-2020-27152, CVE-2020-27815,\n  CVE-2020-28588, CVE-2020-28915, CVE-2020-29368, CVE-2020-29369,\n  CVE-2020-29371, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1048.52\n",
      sources: [
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            db: "PACKETSTORM",
            id: "161656",
         },
         {
            db: "PACKETSTORM",
            id: "163248",
         },
         {
            db: "PACKETSTORM",
            id: "162346",
         },
         {
            db: "PACKETSTORM",
            id: "161259",
         },
         {
            db: "PACKETSTORM",
            id: "161258",
         },
         {
            db: "PACKETSTORM",
            id: "161250",
         },
         {
            db: "PACKETSTORM",
            id: "161556",
         },
      ],
      trust: 2.43,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2020-15436",
            trust: 4.1,
         },
         {
            db: "PACKETSTORM",
            id: "162346",
            trust: 0.8,
         },
         {
            db: "PACKETSTORM",
            id: "161556",
            trust: 0.8,
         },
         {
            db: "PACKETSTORM",
            id: "163248",
            trust: 0.8,
         },
         {
            db: "PACKETSTORM",
            id: "161656",
            trust: 0.8,
         },
         {
            db: "PACKETSTORM",
            id: "161250",
            trust: 0.8,
         },
         {
            db: "ICS CERT",
            id: "ICSA-24-074-07",
            trust: 0.8,
         },
         {
            db: "JVN",
            id: "JVNVU93656033",
            trust: 0.8,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
            trust: 0.8,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
            trust: 0.7,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.0377",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.1148",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.2203",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.0589",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.2604",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.1436",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2020.4391",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2020.4341",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.0365",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.0791",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2020.4377",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.0166",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2020.4410",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2022.6112",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.0717",
            trust: 0.6,
         },
         {
            db: "CS-HELP",
            id: "SB2021042828",
            trust: 0.6,
         },
         {
            db: "CS-HELP",
            id: "SB2021062303",
            trust: 0.6,
         },
         {
            db: "PACKETSTORM",
            id: "161258",
            trust: 0.2,
         },
         {
            db: "PACKETSTORM",
            id: "161259",
            trust: 0.2,
         },
         {
            db: "CNVD",
            id: "CNVD-2020-66297",
            trust: 0.1,
         },
         {
            db: "VULHUB",
            id: "VHN-168414",
            trust: 0.1,
         },
         {
            db: "VULMON",
            id: "CVE-2020-15436",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "PACKETSTORM",
            id: "161656",
         },
         {
            db: "PACKETSTORM",
            id: "163248",
         },
         {
            db: "PACKETSTORM",
            id: "162346",
         },
         {
            db: "PACKETSTORM",
            id: "161259",
         },
         {
            db: "PACKETSTORM",
            id: "161258",
         },
         {
            db: "PACKETSTORM",
            id: "161250",
         },
         {
            db: "PACKETSTORM",
            id: "161556",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   id: "VAR-202011-0423",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
      ],
      trust: 0.01,
   },
   last_update_date: "2024-11-23T19:46:26.104000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "Fix use-after-free in blkdev_get()",
            trust: 0.8,
            url: "http://www.kernel.org",
         },
         {
            title: "Linux kernel Remediation of resource management error vulnerabilities",
            trust: 0.6,
            url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=136428",
         },
         {
            title: "Red Hat: Moderate: kernel-rt security and bug fix update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210338 - Security Advisory",
         },
         {
            title: "Red Hat: Moderate: kernel security, bug fix, and enhancement update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210336 - Security Advisory",
         },
         {
            title: "Red Hat: Important: kernel-alt security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210354 - Security Advisory",
         },
         {
            title: "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210607 - Security Advisory",
         },
         {
            title: "IBM: Security Bulletin: Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner affect IBM Spectrum Protect Plus",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ddbe78143bb073890c2ecb87b35850bf",
         },
         {
            title: "IBM: Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e9d6f12dfd14652e2bb7e5c28ded162b",
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-416",
            trust: 1.1,
         },
         {
            problemtype: "Use of freed memory (CWE-416) [NVD evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 2.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-15436",
         },
         {
            trust: 1.8,
            url: "https://security.netapp.com/advisory/ntap-20201218-0002/",
         },
         {
            trust: 1.8,
            url: "https://lkml.org/lkml/2020/6/7/379",
         },
         {
            trust: 0.8,
            url: "https://jvn.jp/vu/jvnvu93656033/index.html",
         },
         {
            trust: 0.8,
            url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07",
         },
         {
            trust: 0.7,
            url: "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-the-linux-kernel-samba-sudo-python-and-tcmu-runner-affect-ibm-spectrum-protect-plus/",
         },
         {
            trust: 0.6,
            url: "https://access.redhat.com/security/team/contact/",
         },
         {
            trust: 0.6,
            url: "https://bugzilla.redhat.com/):",
         },
         {
            trust: 0.6,
            url: "https://access.redhat.com/security/cve/cve-2020-15436",
         },
         {
            trust: 0.6,
            url: "https://source.android.com/security/bulletin/2021-04-01",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2020.4391/",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.0717",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2020.4377/",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2020.4410/",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.1148",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2020.4341/",
         },
         {
            trust: 0.6,
            url: "https://www.cybersecurity-help.cz/vdb/sb2021042828",
         },
         {
            trust: 0.6,
            url: "https://packetstormsecurity.com/files/163248/red-hat-security-advisory-2021-2523-01.html",
         },
         {
            trust: 0.6,
            url: "https://packetstormsecurity.com/files/161250/red-hat-security-advisory-2021-0354-01.html",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.2203",
         },
         {
            trust: 0.6,
            url: "https://www.cybersecurity-help.cz/vdb/sb2021062303",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2022.6112",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.0365/",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.0377/",
         },
         {
            trust: 0.6,
            url: "https://packetstormsecurity.com/files/161656/red-hat-security-advisory-2021-0719-01.html",
         },
         {
            trust: 0.6,
            url: "https://packetstormsecurity.com/files/162346/red-hat-security-advisory-2021-1376-01.html",
         },
         {
            trust: 0.6,
            url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.0589",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.1436",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.2604",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.0791",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.0166/",
         },
         {
            trust: 0.6,
            url: "https://vigilance.fr/vulnerability/linux-kernel-use-after-free-via-blkdev-get-34039",
         },
         {
            trust: 0.6,
            url: "https://packetstormsecurity.com/files/161556/ubuntu-security-notice-usn-4752-1.html",
         },
         {
            trust: 0.5,
            url: "https://access.redhat.com/articles/11258",
         },
         {
            trust: 0.5,
            url: "https://access.redhat.com/security/team/key/",
         },
         {
            trust: 0.3,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-29661",
         },
         {
            trust: 0.3,
            url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce",
         },
         {
            trust: 0.3,
            url: "https://access.redhat.com/security/cve/cve-2020-35513",
         },
         {
            trust: 0.3,
            url: "https://access.redhat.com/security/updates/classification/#moderate",
         },
         {
            trust: 0.3,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-35513",
         },
         {
            trust: 0.3,
            url: "https://access.redhat.com/security/updates/classification/#important",
         },
         {
            trust: 0.3,
            url: "https://www.redhat.com/mailman/listinfo/rhsa-announce",
         },
         {
            trust: 0.2,
            url: "https://access.redhat.com/errata/rhsa-2021:0338",
         },
         {
            trust: 0.2,
            url: "https://access.redhat.com/security/cve/cve-2020-29661",
         },
         {
            trust: 0.1,
            url: "https://cwe.mitre.org/data/definitions/416.html",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-20230",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-12723",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-3121",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-14351",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10878",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-25705",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2021:0719",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2021-3121",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-14351",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2021-20230",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-25705",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12723",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10543",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-10878",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-10543",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12362",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-12362",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2021:2523",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-27364",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2021:1376",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-28374",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-27363",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2021-27364",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-27365",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2021-27365",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2021-27363",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-28374",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2021:0336",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2021:0354",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-1749",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-1749",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-29660",
         },
         {
            trust: 0.1,
            url: "https://usn.ubuntu.com/4752-1",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-25212",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-24490",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-10135",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-25641",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-15437",
         },
         {
            trust: 0.1,
            url: "https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1048.52",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-29369",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-27152",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-28915",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-25704",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-27815",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-25284",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-25643",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-28588",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-14314",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-29371",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-29368",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-35508",
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "PACKETSTORM",
            id: "161656",
         },
         {
            db: "PACKETSTORM",
            id: "163248",
         },
         {
            db: "PACKETSTORM",
            id: "162346",
         },
         {
            db: "PACKETSTORM",
            id: "161259",
         },
         {
            db: "PACKETSTORM",
            id: "161258",
         },
         {
            db: "PACKETSTORM",
            id: "161250",
         },
         {
            db: "PACKETSTORM",
            id: "161556",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            db: "PACKETSTORM",
            id: "161656",
         },
         {
            db: "PACKETSTORM",
            id: "163248",
         },
         {
            db: "PACKETSTORM",
            id: "162346",
         },
         {
            db: "PACKETSTORM",
            id: "161259",
         },
         {
            db: "PACKETSTORM",
            id: "161258",
         },
         {
            db: "PACKETSTORM",
            id: "161250",
         },
         {
            db: "PACKETSTORM",
            id: "161556",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
         {
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2020-11-23T00:00:00",
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            date: "2020-11-23T00:00:00",
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            date: "2021-07-16T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            date: "2021-03-04T15:33:19",
            db: "PACKETSTORM",
            id: "161656",
         },
         {
            date: "2021-06-22T19:41:34",
            db: "PACKETSTORM",
            id: "163248",
         },
         {
            date: "2021-04-27T15:32:47",
            db: "PACKETSTORM",
            id: "162346",
         },
         {
            date: "2021-02-02T16:13:04",
            db: "PACKETSTORM",
            id: "161259",
         },
         {
            date: "2021-02-02T16:12:50",
            db: "PACKETSTORM",
            id: "161258",
         },
         {
            date: "2021-02-02T16:11:22",
            db: "PACKETSTORM",
            id: "161250",
         },
         {
            date: "2021-02-25T15:31:12",
            db: "PACKETSTORM",
            id: "161556",
         },
         {
            date: "2020-11-23T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
         {
            date: "2020-11-23T21:15:11.813000",
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2022-10-19T00:00:00",
            db: "VULHUB",
            id: "VHN-168414",
         },
         {
            date: "2020-12-18T00:00:00",
            db: "VULMON",
            id: "CVE-2020-15436",
         },
         {
            date: "2024-03-22T07:12:00",
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
         {
            date: "2022-11-24T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
         {
            date: "2024-11-21T05:05:33.167000",
            db: "NVD",
            id: "CVE-2020-15436",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "local",
      sources: [
         {
            db: "PACKETSTORM",
            id: "161556",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
      ],
      trust: 0.7,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Linux Kernel  Vulnerability in using free memory in",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2020-013950",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "resource management error",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202011-1793",
         },
      ],
      trust: 0.6,
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.