← Back

CVE-2020-25639

nvd nist
Published: Mar 4, 2021Modified: Nov 21, 2024

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 0.8 / Impact: 3.6
Source: NVD

Description

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

Affected (11)

Linux
1 product
Linux Kernel
Fedoraproject
1 product
Fedora
Redhat
3 products
Enterprise Linux
Messaging Realtime Grid
Openshift Container Platform
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Linux Kernel
Up to 5.11.2
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 32
Fedora
Version 33
Configuration C
8 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux
Version 5.0
Enterprise Linux
Version 6.0
Enterprise Linux
Version 7.0
Enterprise Linux
Version 8.0
Messaging Realtime Grid
Version 2.0
Redhat
Openshift Container Platform
Version 4.4
Openshift Container Platform
Version 4.5
Openshift Container Platform
Version 4.6

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (6)

Source: secalert@redhat.com
ExploitIssue TrackingThird Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.