gsd-2020-11565
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-11565",
"description": "** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue \u201cis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.\u201d.",
"id": "GSD-2020-11565",
"references": [
"https://www.suse.com/security/cve/CVE-2020-11565.html",
"https://www.debian.org/security/2020/dsa-4698",
"https://www.debian.org/security/2020/dsa-4667",
"https://access.redhat.com/errata/RHSA-2020:4609",
"https://access.redhat.com/errata/RHSA-2020:4431",
"https://access.redhat.com/errata/RHSA-2020:4062",
"https://access.redhat.com/errata/RHSA-2020:4060",
"https://access.redhat.com/errata/RHSA-2020:2854",
"https://ubuntu.com/security/CVE-2020-11565",
"https://advisories.mageia.org/CVE-2020-11565.html",
"https://linux.oracle.com/cve/CVE-2020-11565.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-11565"
],
"details": "** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue \u201cis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.\u201d.",
"id": "GSD-2020-11565",
"modified": "2023-12-13T01:22:06.339701Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue \u201cis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.\u201d."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd"
},
{
"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd",
"refsource": "MISC",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd"
},
{
"name": "DSA-4667",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4667"
},
{
"name": "USN-4364-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4364-1/"
},
{
"name": "USN-4367-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4367-1/"
},
{
"name": "USN-4368-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"name": "USN-4363-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4363-1/"
},
{
"name": "USN-4369-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4369-1/"
},
{
"name": "[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"
},
{
"name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html"
},
{
"name": "[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"
},
{
"name": "DSA-4698",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4698"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09CC13FB-6E4B-4EDF-980C-845C09E90D24",
"versionEndIncluding": "5.6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue \u201cis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.\u201d"
},
{
"lang": "es",
"value": "** EN DISPUTA ** Se detect\u00f3 un problema en el kernel de Linux versiones hasta 5.6.2. La funci\u00f3n mpol_parse_str en el archivo mm/mempolicy.c presenta una escritura fuera de l\u00edmites en la regi\u00f3n stack de la memoria porque una lista de nodos vac\u00eda es manejada inapropiadamente durante el an\u00e1lisis de la opci\u00f3n de montaje, tambi\u00e9n se conoce como CID-aa9f7d5172fa. NOTA: Alguien en la comunidad de seguridad no est\u00e1 de acuerdo en que se trata de una vulnerabilidad porque el problema \"es un error en el an\u00e1lisis de las opciones de montaje que s\u00f3lo puede ser especificado por un usuario privilegiado, por lo que la activaci\u00f3n del error no otorga ning\u00fan poder que no se tenga ya\"."
}
],
"id": "CVE-2020-11565",
"lastModified": "2024-04-11T01:06:42.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-06T01:15:12.447",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4363-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4364-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4367-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4368-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4369-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4667"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2020/dsa-4698"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
Loading...