← Back

CVE-2020-14356

nvd nist
Published: Aug 19, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

Affected (18)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux · Opensuse: Leap · +3 more
Show all products
Linux: Linux Kernel · Redhat: Enterprise Linux · Opensuse: Leap · Debian: Debian Linux · Canonical: Ubuntu Linux · Netapp: Active Iq Unified Manager, Cloud Backup, Hci Management Node, Solidfire, Solidfire Baseboard Management Controller Firmware
Linux
1 product
Linux Kernel
Redhat
1 product
Enterprise Linux
Opensuse
1 product
Leap
Debian
1 product
Debian Linux
Canonical
1 product
Ubuntu Linux
Netapp
5 products
Active Iq Unified Manager
Cloud Backup
Hci Management Node
Solidfire
Solidfire Baseboard Management Controller Firmware
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
From 4.10 to 4.14.189
Linux Kernel
From 4.15 to 4.19.134
Linux Kernel
From 4.20 to 5.4.53
Linux Kernel
From 4.5 to 4.9.231
Linux Kernel
From 5.5 to 5.7.10
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux
Version 8.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Leap
Version 15.1
Leap
Version 15.2
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 9.0
Configuration E
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 16.04
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 20.04
Configuration F
4 vulnerable
Vulnerable SoftwareAffected Versions
Active Iq Unified Manager
All versions
Cloud Backup
All versions
Hci Management Node
All versions
Solidfire
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Solidfire Baseboard Management Controller Firmware
All versions
Running on/withPlatform Versions
Netapp
Solidfire Baseboard Management Controller
All versions

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (24)

Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
ExploitIssue TrackingVendor Advisory
Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
ExploitVendor Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.