CVE-2020-36776 (GCVE-0-2020-36776)

Vulnerability from cvelistv5 – Published: 2024-02-27 18:40 – Updated: 2025-05-04 12:40
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreq_cooling: Fix slab OOB issue Slab OOB issue is scanned by KASAN in cpu_power_to_freq(). If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index. Return the lowest frequency if limited power cannot found a suitable OPP in EM table to fix this issue. Backtrace: [<ffffffd02d2a37f0>] die+0x104/0x5ac [<ffffffd02d2a5630>] bug_handler+0x64/0xd0 [<ffffffd02d288ce4>] brk_handler+0x160/0x258 [<ffffffd02d281e5c>] do_debug_exception+0x248/0x3f0 [<ffffffd02d284488>] el1_dbg+0x14/0xbc [<ffffffd02d75d1d4>] __kasan_report+0x1dc/0x1e0 [<ffffffd02d75c2e0>] kasan_report+0x10/0x20 [<ffffffd02d75def8>] __asan_report_load8_noabort+0x18/0x28 [<ffffffd02e6fce5c>] cpufreq_power2state+0x180/0x43c [<ffffffd02e6ead80>] power_actor_set_power+0x114/0x1d4 [<ffffffd02e6fac24>] allocate_power+0xaec/0xde0 [<ffffffd02e6f9f80>] power_allocator_throttle+0x3ec/0x5a4 [<ffffffd02e6ea888>] handle_thermal_trip+0x160/0x294 [<ffffffd02e6edd08>] thermal_zone_device_check+0xe4/0x154 [<ffffffd02d351cb4>] process_one_work+0x5e4/0xe28 [<ffffffd02d352f44>] worker_thread+0xa4c/0xfac [<ffffffd02d360124>] kthread+0x33c/0x358 [<ffffffd02d289940>] ret_from_fork+0xc/0x18
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 371a3bc79c11b707d7a1b7a2c938dc3cc042fffb , < c24a20912eef00587416628149c438e885eb1304 (git)
Affected: 371a3bc79c11b707d7a1b7a2c938dc3cc042fffb , < 876a5f33e5d961d879c5436987c09b3d9ef70379 (git)
Affected: 371a3bc79c11b707d7a1b7a2c938dc3cc042fffb , < 6bf443acf6ca4f666d0e4225614ba9993a3aa1a9 (git)
Affected: 371a3bc79c11b707d7a1b7a2c938dc3cc042fffb , < 34ab17cc6c2c1ac93d7e5d53bb972df9a968f085 (git)
Affected: 39e0651cac9c80865b2838f297f95ffc0f34a1d8 (git)
Affected: febe56f21371ba1e51e8586c3ddf8f54fc62fe61 (git)
Affected: d3b7bacd1115400b94482dfc7efffc175c29b831 (git)
Affected: 9006b543384ab10902819364c1205f11a1458571 (git)
Create a notification for this product.
    Linux Linux Affected: 5.8
Unaffected: 0 , < 5.8 (semver)
Unaffected: 5.10.36 , ≤ 5.10.* (semver)
Unaffected: 5.11.20 , ≤ 5.11.* (semver)
Unaffected: 5.12.3 , ≤ 5.12.* (semver)
Unaffected: 5.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-36776",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:01:54.528476Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:56.075Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/cpufreq_cooling.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c24a20912eef00587416628149c438e885eb1304",
              "status": "affected",
              "version": "371a3bc79c11b707d7a1b7a2c938dc3cc042fffb",
              "versionType": "git"
            },
            {
              "lessThan": "876a5f33e5d961d879c5436987c09b3d9ef70379",
              "status": "affected",
              "version": "371a3bc79c11b707d7a1b7a2c938dc3cc042fffb",
              "versionType": "git"
            },
            {
              "lessThan": "6bf443acf6ca4f666d0e4225614ba9993a3aa1a9",
              "status": "affected",
              "version": "371a3bc79c11b707d7a1b7a2c938dc3cc042fffb",
              "versionType": "git"
            },
            {
              "lessThan": "34ab17cc6c2c1ac93d7e5d53bb972df9a968f085",
              "status": "affected",
              "version": "371a3bc79c11b707d7a1b7a2c938dc3cc042fffb",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "39e0651cac9c80865b2838f297f95ffc0f34a1d8",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "febe56f21371ba1e51e8586c3ddf8f54fc62fe61",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "d3b7bacd1115400b94482dfc7efffc175c29b831",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "9006b543384ab10902819364c1205f11a1458571",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/cpufreq_cooling.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.36",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.20",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.36",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.20",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.3",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.14.189",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.19.134",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.4.53",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.7.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/cpufreq_cooling: Fix slab OOB issue\n\nSlab OOB issue is scanned by KASAN in cpu_power_to_freq().\nIf power is limited below the power of OPP0 in EM table,\nit will cause slab out-of-bound issue with negative array\nindex.\n\nReturn the lowest frequency if limited power cannot found\na suitable OPP in EM table to fix this issue.\n\nBacktrace:\n[\u003cffffffd02d2a37f0\u003e] die+0x104/0x5ac\n[\u003cffffffd02d2a5630\u003e] bug_handler+0x64/0xd0\n[\u003cffffffd02d288ce4\u003e] brk_handler+0x160/0x258\n[\u003cffffffd02d281e5c\u003e] do_debug_exception+0x248/0x3f0\n[\u003cffffffd02d284488\u003e] el1_dbg+0x14/0xbc\n[\u003cffffffd02d75d1d4\u003e] __kasan_report+0x1dc/0x1e0\n[\u003cffffffd02d75c2e0\u003e] kasan_report+0x10/0x20\n[\u003cffffffd02d75def8\u003e] __asan_report_load8_noabort+0x18/0x28\n[\u003cffffffd02e6fce5c\u003e] cpufreq_power2state+0x180/0x43c\n[\u003cffffffd02e6ead80\u003e] power_actor_set_power+0x114/0x1d4\n[\u003cffffffd02e6fac24\u003e] allocate_power+0xaec/0xde0\n[\u003cffffffd02e6f9f80\u003e] power_allocator_throttle+0x3ec/0x5a4\n[\u003cffffffd02e6ea888\u003e] handle_thermal_trip+0x160/0x294\n[\u003cffffffd02e6edd08\u003e] thermal_zone_device_check+0xe4/0x154\n[\u003cffffffd02d351cb4\u003e] process_one_work+0x5e4/0xe28\n[\u003cffffffd02d352f44\u003e] worker_thread+0xa4c/0xfac\n[\u003cffffffd02d360124\u003e] kthread+0x33c/0x358\n[\u003cffffffd02d289940\u003e] ret_from_fork+0xc/0x18"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T12:40:32.375Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304"
        },
        {
          "url": "https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379"
        },
        {
          "url": "https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085"
        }
      ],
      "title": "thermal/drivers/cpufreq_cooling: Fix slab OOB issue",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2020-36776",
    "datePublished": "2024-02-27T18:40:25.615Z",
    "dateReserved": "2024-02-26T17:07:27.434Z",
    "dateUpdated": "2025-05-04T12:40:32.375Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.8.0\", \"versionEndExcluding\": \"5.10.36\", \"matchCriteriaId\": \"3B760ADC-7139-4E69-BD9F-4944140A9E34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.11.0\", \"versionEndExcluding\": \"5.11.20\", \"matchCriteriaId\": \"EFB425F0-C28C-4B44-8B4C-AD512AA832DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.12.0\", \"versionEndExcluding\": \"5.12.3\", \"matchCriteriaId\": \"C3814FA3-8141-4313-A852-8C4212BE12AD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nthermal/drivers/cpufreq_cooling: Fix slab OOB issue\\n\\nSlab OOB issue is scanned by KASAN in cpu_power_to_freq().\\nIf power is limited below the power of OPP0 in EM table,\\nit will cause slab out-of-bound issue with negative array\\nindex.\\n\\nReturn the lowest frequency if limited power cannot found\\na suitable OPP in EM table to fix this issue.\\n\\nBacktrace:\\n[\u003cffffffd02d2a37f0\u003e] die+0x104/0x5ac\\n[\u003cffffffd02d2a5630\u003e] bug_handler+0x64/0xd0\\n[\u003cffffffd02d288ce4\u003e] brk_handler+0x160/0x258\\n[\u003cffffffd02d281e5c\u003e] do_debug_exception+0x248/0x3f0\\n[\u003cffffffd02d284488\u003e] el1_dbg+0x14/0xbc\\n[\u003cffffffd02d75d1d4\u003e] __kasan_report+0x1dc/0x1e0\\n[\u003cffffffd02d75c2e0\u003e] kasan_report+0x10/0x20\\n[\u003cffffffd02d75def8\u003e] __asan_report_load8_noabort+0x18/0x28\\n[\u003cffffffd02e6fce5c\u003e] cpufreq_power2state+0x180/0x43c\\n[\u003cffffffd02e6ead80\u003e] power_actor_set_power+0x114/0x1d4\\n[\u003cffffffd02e6fac24\u003e] allocate_power+0xaec/0xde0\\n[\u003cffffffd02e6f9f80\u003e] power_allocator_throttle+0x3ec/0x5a4\\n[\u003cffffffd02e6ea888\u003e] handle_thermal_trip+0x160/0x294\\n[\u003cffffffd02e6edd08\u003e] thermal_zone_device_check+0xe4/0x154\\n[\u003cffffffd02d351cb4\u003e] process_one_work+0x5e4/0xe28\\n[\u003cffffffd02d352f44\u003e] worker_thread+0xa4c/0xfac\\n[\u003cffffffd02d360124\u003e] kthread+0x33c/0x358\\n[\u003cffffffd02d289940\u003e] ret_from_fork+0xc/0x18\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: Thermal/drivers/cpufreq_cooling: solucionar el problema de Slab OOB El problema de Slab OOB es escaneado por KASAN en cpu_power_to_freq(). Si la potencia se limita por debajo de la potencia de OPP0 en la tabla EM, provocar\\u00e1 un problema de losa fuera de los l\\u00edmites con un \\u00edndice de matriz negativo. Devuelve la frecuencia m\\u00e1s baja si la potencia limitada no puede encontrar un OPP adecuado en la tabla EM para solucionar este problema. Seguimiento inverso: [] die+0x104/0x5ac [] bug_handler+0x64/0xd0 [] brk_handler+0x160/0x258 [] do_debug_exception+0x 248/0x3f0 [] el1_dbg+0x14 /0xbc [] __kasan_report+0x1dc/0x1e0 [] kasan_report+0x10/0x20 [] __asan_report_load8_noabort+0x18/0x28 [] cpufreq_power2state+0x180/0x43c [] power_actor_set_power+0x114 /0x1d4 [] allocate_power+0xaec/0xde0 [] power_allocator_throttle+0x3ec/0x5a4 [] handle_thermal_trip+0x160/0x294 [] t\\u00e9rmico _zone_device_check+0xe4/0x154 [] proceso_one_work+0x5e4 /0xe28 [] work_thread+0xa4c/0xfac [] kthread+0x33c/0x358 [] ret_from_fork+0xc/0x18\"}]",
      "id": "CVE-2020-36776",
      "lastModified": "2024-11-21T05:30:17.090",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-02-27T19:04:05.693",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-129\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-36776\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-27T19:04:05.693\",\"lastModified\":\"2024-11-21T05:30:17.090\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nthermal/drivers/cpufreq_cooling: Fix slab OOB issue\\n\\nSlab OOB issue is scanned by KASAN in cpu_power_to_freq().\\nIf power is limited below the power of OPP0 in EM table,\\nit will cause slab out-of-bound issue with negative array\\nindex.\\n\\nReturn the lowest frequency if limited power cannot found\\na suitable OPP in EM table to fix this issue.\\n\\nBacktrace:\\n[\u003cffffffd02d2a37f0\u003e] die+0x104/0x5ac\\n[\u003cffffffd02d2a5630\u003e] bug_handler+0x64/0xd0\\n[\u003cffffffd02d288ce4\u003e] brk_handler+0x160/0x258\\n[\u003cffffffd02d281e5c\u003e] do_debug_exception+0x248/0x3f0\\n[\u003cffffffd02d284488\u003e] el1_dbg+0x14/0xbc\\n[\u003cffffffd02d75d1d4\u003e] __kasan_report+0x1dc/0x1e0\\n[\u003cffffffd02d75c2e0\u003e] kasan_report+0x10/0x20\\n[\u003cffffffd02d75def8\u003e] __asan_report_load8_noabort+0x18/0x28\\n[\u003cffffffd02e6fce5c\u003e] cpufreq_power2state+0x180/0x43c\\n[\u003cffffffd02e6ead80\u003e] power_actor_set_power+0x114/0x1d4\\n[\u003cffffffd02e6fac24\u003e] allocate_power+0xaec/0xde0\\n[\u003cffffffd02e6f9f80\u003e] power_allocator_throttle+0x3ec/0x5a4\\n[\u003cffffffd02e6ea888\u003e] handle_thermal_trip+0x160/0x294\\n[\u003cffffffd02e6edd08\u003e] thermal_zone_device_check+0xe4/0x154\\n[\u003cffffffd02d351cb4\u003e] process_one_work+0x5e4/0xe28\\n[\u003cffffffd02d352f44\u003e] worker_thread+0xa4c/0xfac\\n[\u003cffffffd02d360124\u003e] kthread+0x33c/0x358\\n[\u003cffffffd02d289940\u003e] ret_from_fork+0xc/0x18\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Thermal/drivers/cpufreq_cooling: solucionar el problema de Slab OOB El problema de Slab OOB es escaneado por KASAN en cpu_power_to_freq(). Si la potencia se limita por debajo de la potencia de OPP0 en la tabla EM, provocar\u00e1 un problema de losa fuera de los l\u00edmites con un \u00edndice de matriz negativo. Devuelve la frecuencia m\u00e1s baja si la potencia limitada no puede encontrar un OPP adecuado en la tabla EM para solucionar este problema. Seguimiento inverso: [] die+0x104/0x5ac [] bug_handler+0x64/0xd0 [] brk_handler+0x160/0x258 [] do_debug_exception+0x 248/0x3f0 [] el1_dbg+0x14 /0xbc [] __kasan_report+0x1dc/0x1e0 [] kasan_report+0x10/0x20 [] __asan_report_load8_noabort+0x18/0x28 [] cpufreq_power2state+0x180/0x43c [] power_actor_set_power+0x114 /0x1d4 [] allocate_power+0xaec/0xde0 [] power_allocator_throttle+0x3ec/0x5a4 [] handle_thermal_trip+0x160/0x294 [] t\u00e9rmico _zone_device_check+0xe4/0x154 [] proceso_one_work+0x5e4 /0xe28 [] work_thread+0xa4c/0xfac [] kthread+0x33c/0x358 [] ret_from_fork+0xc/0x18\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-129\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.8.0\",\"versionEndExcluding\":\"5.10.36\",\"matchCriteriaId\":\"3B760ADC-7139-4E69-BD9F-4944140A9E34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11.0\",\"versionEndExcluding\":\"5.11.20\",\"matchCriteriaId\":\"EFB425F0-C28C-4B44-8B4C-AD512AA832DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12.0\",\"versionEndExcluding\":\"5.12.3\",\"matchCriteriaId\":\"C3814FA3-8141-4313-A852-8C4212BE12AD\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T17:37:07.187Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-36776\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T16:01:54.528476Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:19.691Z\"}}], \"cna\": {\"title\": \"thermal/drivers/cpufreq_cooling: Fix slab OOB issue\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"371a3bc79c11b707d7a1b7a2c938dc3cc042fffb\", \"lessThan\": \"c24a20912eef00587416628149c438e885eb1304\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"371a3bc79c11b707d7a1b7a2c938dc3cc042fffb\", \"lessThan\": \"876a5f33e5d961d879c5436987c09b3d9ef70379\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"371a3bc79c11b707d7a1b7a2c938dc3cc042fffb\", \"lessThan\": \"6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"371a3bc79c11b707d7a1b7a2c938dc3cc042fffb\", \"lessThan\": \"34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"39e0651cac9c80865b2838f297f95ffc0f34a1d8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"febe56f21371ba1e51e8586c3ddf8f54fc62fe61\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d3b7bacd1115400b94482dfc7efffc175c29b831\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9006b543384ab10902819364c1205f11a1458571\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/thermal/cpufreq_cooling.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.8\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.8\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.36\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.11.20\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.11.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/thermal/cpufreq_cooling.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\"}, {\"url\": \"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\"}, {\"url\": \"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\"}, {\"url\": \"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nthermal/drivers/cpufreq_cooling: Fix slab OOB issue\\n\\nSlab OOB issue is scanned by KASAN in cpu_power_to_freq().\\nIf power is limited below the power of OPP0 in EM table,\\nit will cause slab out-of-bound issue with negative array\\nindex.\\n\\nReturn the lowest frequency if limited power cannot found\\na suitable OPP in EM table to fix this issue.\\n\\nBacktrace:\\n[\u003cffffffd02d2a37f0\u003e] die+0x104/0x5ac\\n[\u003cffffffd02d2a5630\u003e] bug_handler+0x64/0xd0\\n[\u003cffffffd02d288ce4\u003e] brk_handler+0x160/0x258\\n[\u003cffffffd02d281e5c\u003e] do_debug_exception+0x248/0x3f0\\n[\u003cffffffd02d284488\u003e] el1_dbg+0x14/0xbc\\n[\u003cffffffd02d75d1d4\u003e] __kasan_report+0x1dc/0x1e0\\n[\u003cffffffd02d75c2e0\u003e] kasan_report+0x10/0x20\\n[\u003cffffffd02d75def8\u003e] __asan_report_load8_noabort+0x18/0x28\\n[\u003cffffffd02e6fce5c\u003e] cpufreq_power2state+0x180/0x43c\\n[\u003cffffffd02e6ead80\u003e] power_actor_set_power+0x114/0x1d4\\n[\u003cffffffd02e6fac24\u003e] allocate_power+0xaec/0xde0\\n[\u003cffffffd02e6f9f80\u003e] power_allocator_throttle+0x3ec/0x5a4\\n[\u003cffffffd02e6ea888\u003e] handle_thermal_trip+0x160/0x294\\n[\u003cffffffd02e6edd08\u003e] thermal_zone_device_check+0xe4/0x154\\n[\u003cffffffd02d351cb4\u003e] process_one_work+0x5e4/0xe28\\n[\u003cffffffd02d352f44\u003e] worker_thread+0xa4c/0xfac\\n[\u003cffffffd02d360124\u003e] kthread+0x33c/0x358\\n[\u003cffffffd02d289940\u003e] ret_from_fork+0xc/0x18\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.36\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.11.20\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.3\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.14.189\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.19.134\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.4.53\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.7.8\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T12:40:32.375Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-36776\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T12:40:32.375Z\", \"dateReserved\": \"2024-02-26T17:07:27.434Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-02-27T18:40:25.615Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.