CVE-2020-13143

Published: May 18, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

Affected (31)

Products: Linux: Linux Kernel · Opensuse: Leap · Debian: Debian Linux · +2 more

Show all products

1 product

1 product

1 product

1 product

20 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.16 to 5.6.13

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.1
Opensuse Leap	Version 15.2

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration D

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.10
Canonical Ubuntu Linux	Version 20.04

Configuration E

6 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	All versions
Netapp Cloud Backup	All versions
Netapp Element Software	All versions
Netapp Hci Management Node	All versions
Netapp Solidfire	All versions
Netapp Steelstore Cloud Integrated Storage	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Solidfire Baseboard Management Controller Firmware	All versions

Running on/with	Platform Versions
Netapp Solidfire Baseboard Management Controller	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Bootstrap Os	All versions

Running on/with	Platform Versions
Netapp Hci Compute Node	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp A700s Firmware	All versions

Running on/with	Platform Versions
Netapp A700s	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H300s Firmware	All versions

Running on/with	Platform Versions
Netapp H300s	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H500s Firmware	All versions

Running on/with	Platform Versions
Netapp H500s	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H700s Firmware	All versions

Running on/with	Platform Versions
Netapp H700s	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H300e Firmware	All versions

Running on/with	Platform Versions
Netapp H300e	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H500e Firmware	All versions

Running on/with	Platform Versions
Netapp H500e	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H700e Firmware	All versions

Running on/with	Platform Versions
Netapp H700e	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H410s Firmware	All versions

Running on/with	Platform Versions
Netapp H410s	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H410c Firmware	All versions

Running on/with	Platform Versions
Netapp H410c	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H610c Firmware	All versions

Running on/with	Platform Versions
Netapp H610c	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H610s Firmware	All versions

Running on/with	Platform Versions
Netapp H610s	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H615c Firmware	All versions

Running on/with	Platform Versions
Netapp H615c	All versions

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (32)

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=d126cf46f829d146dde3e6a8963e095ac6cfcd1c

Source: cve@mitre.org

Mailing ListPatchVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=15753588bcd4bbffae1cca33c8ced5722477fe1f

Source: cve@mitre.org

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20200608-0001/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4411-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4412-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4413-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4414-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4419-1/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2020/dsa-4698

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2020/dsa-4699

Source: cve@mitre.org

Third Party Advisory

https://www.spinics.net/lists/linux-usb/msg194331.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html