cve-2020-36776
Vulnerability from cvelistv5
Published
2024-02-27 18:40
Modified
2024-11-04 11:49
Severity ?
Summary
thermal/drivers/cpufreq_cooling: Fix slab OOB issue
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304Patch
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-36776",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:01:54.528476Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:56.075Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/cpufreq_cooling.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c24a20912eef",
              "status": "affected",
              "version": "371a3bc79c11",
              "versionType": "git"
            },
            {
              "lessThan": "876a5f33e5d9",
              "status": "affected",
              "version": "371a3bc79c11",
              "versionType": "git"
            },
            {
              "lessThan": "6bf443acf6ca",
              "status": "affected",
              "version": "371a3bc79c11",
              "versionType": "git"
            },
            {
              "lessThan": "34ab17cc6c2c",
              "status": "affected",
              "version": "371a3bc79c11",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/cpufreq_cooling.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.36",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.20",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/cpufreq_cooling: Fix slab OOB issue\n\nSlab OOB issue is scanned by KASAN in cpu_power_to_freq().\nIf power is limited below the power of OPP0 in EM table,\nit will cause slab out-of-bound issue with negative array\nindex.\n\nReturn the lowest frequency if limited power cannot found\na suitable OPP in EM table to fix this issue.\n\nBacktrace:\n[\u003cffffffd02d2a37f0\u003e] die+0x104/0x5ac\n[\u003cffffffd02d2a5630\u003e] bug_handler+0x64/0xd0\n[\u003cffffffd02d288ce4\u003e] brk_handler+0x160/0x258\n[\u003cffffffd02d281e5c\u003e] do_debug_exception+0x248/0x3f0\n[\u003cffffffd02d284488\u003e] el1_dbg+0x14/0xbc\n[\u003cffffffd02d75d1d4\u003e] __kasan_report+0x1dc/0x1e0\n[\u003cffffffd02d75c2e0\u003e] kasan_report+0x10/0x20\n[\u003cffffffd02d75def8\u003e] __asan_report_load8_noabort+0x18/0x28\n[\u003cffffffd02e6fce5c\u003e] cpufreq_power2state+0x180/0x43c\n[\u003cffffffd02e6ead80\u003e] power_actor_set_power+0x114/0x1d4\n[\u003cffffffd02e6fac24\u003e] allocate_power+0xaec/0xde0\n[\u003cffffffd02e6f9f80\u003e] power_allocator_throttle+0x3ec/0x5a4\n[\u003cffffffd02e6ea888\u003e] handle_thermal_trip+0x160/0x294\n[\u003cffffffd02e6edd08\u003e] thermal_zone_device_check+0xe4/0x154\n[\u003cffffffd02d351cb4\u003e] process_one_work+0x5e4/0xe28\n[\u003cffffffd02d352f44\u003e] worker_thread+0xa4c/0xfac\n[\u003cffffffd02d360124\u003e] kthread+0x33c/0x358\n[\u003cffffffd02d289940\u003e] ret_from_fork+0xc/0x18"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:49:29.719Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304"
        },
        {
          "url": "https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379"
        },
        {
          "url": "https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085"
        }
      ],
      "title": "thermal/drivers/cpufreq_cooling: Fix slab OOB issue",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2020-36776",
    "datePublished": "2024-02-27T18:40:25.615Z",
    "dateReserved": "2024-02-26T17:07:27.434Z",
    "dateUpdated": "2024-11-04T11:49:29.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-36776\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-27T19:04:05.693\",\"lastModified\":\"2024-04-10T19:34:31.410\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nthermal/drivers/cpufreq_cooling: Fix slab OOB issue\\n\\nSlab OOB issue is scanned by KASAN in cpu_power_to_freq().\\nIf power is limited below the power of OPP0 in EM table,\\nit will cause slab out-of-bound issue with negative array\\nindex.\\n\\nReturn the lowest frequency if limited power cannot found\\na suitable OPP in EM table to fix this issue.\\n\\nBacktrace:\\n[\u003cffffffd02d2a37f0\u003e] die+0x104/0x5ac\\n[\u003cffffffd02d2a5630\u003e] bug_handler+0x64/0xd0\\n[\u003cffffffd02d288ce4\u003e] brk_handler+0x160/0x258\\n[\u003cffffffd02d281e5c\u003e] do_debug_exception+0x248/0x3f0\\n[\u003cffffffd02d284488\u003e] el1_dbg+0x14/0xbc\\n[\u003cffffffd02d75d1d4\u003e] __kasan_report+0x1dc/0x1e0\\n[\u003cffffffd02d75c2e0\u003e] kasan_report+0x10/0x20\\n[\u003cffffffd02d75def8\u003e] __asan_report_load8_noabort+0x18/0x28\\n[\u003cffffffd02e6fce5c\u003e] cpufreq_power2state+0x180/0x43c\\n[\u003cffffffd02e6ead80\u003e] power_actor_set_power+0x114/0x1d4\\n[\u003cffffffd02e6fac24\u003e] allocate_power+0xaec/0xde0\\n[\u003cffffffd02e6f9f80\u003e] power_allocator_throttle+0x3ec/0x5a4\\n[\u003cffffffd02e6ea888\u003e] handle_thermal_trip+0x160/0x294\\n[\u003cffffffd02e6edd08\u003e] thermal_zone_device_check+0xe4/0x154\\n[\u003cffffffd02d351cb4\u003e] process_one_work+0x5e4/0xe28\\n[\u003cffffffd02d352f44\u003e] worker_thread+0xa4c/0xfac\\n[\u003cffffffd02d360124\u003e] kthread+0x33c/0x358\\n[\u003cffffffd02d289940\u003e] ret_from_fork+0xc/0x18\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Thermal/drivers/cpufreq_cooling: solucionar el problema de Slab OOB El problema de Slab OOB es escaneado por KASAN en cpu_power_to_freq(). Si la potencia se limita por debajo de la potencia de OPP0 en la tabla EM, provocar\u00e1 un problema de losa fuera de los l\u00edmites con un \u00edndice de matriz negativo. Devuelve la frecuencia m\u00e1s baja si la potencia limitada no puede encontrar un OPP adecuado en la tabla EM para solucionar este problema. Seguimiento inverso: [] die+0x104/0x5ac [] bug_handler+0x64/0xd0 [] brk_handler+0x160/0x258 [] do_debug_exception+0x 248/0x3f0 [] el1_dbg+0x14 /0xbc [] __kasan_report+0x1dc/0x1e0 [] kasan_report+0x10/0x20 [] __asan_report_load8_noabort+0x18/0x28 [] cpufreq_power2state+0x180/0x43c [] power_actor_set_power+0x114 /0x1d4 [] allocate_power+0xaec/0xde0 [] power_allocator_throttle+0x3ec/0x5a4 [] handle_thermal_trip+0x160/0x294 [] t\u00e9rmico _zone_device_check+0xe4/0x154 [] proceso_one_work+0x5e4 /0xe28 [] work_thread+0xa4c/0xfac [] kthread+0x33c/0x358 [] ret_from_fork+0xc/0x18\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-129\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.8.0\",\"versionEndExcluding\":\"5.10.36\",\"matchCriteriaId\":\"3B760ADC-7139-4E69-BD9F-4944140A9E34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11.0\",\"versionEndExcluding\":\"5.11.20\",\"matchCriteriaId\":\"EFB425F0-C28C-4B44-8B4C-AD512AA832DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12.0\",\"versionEndExcluding\":\"5.12.3\",\"matchCriteriaId\":\"C3814FA3-8141-4313-A852-8C4212BE12AD\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.