← Back

CVE-2020-25641

nvd nist
Published: Oct 6, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Affected (15)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux · Opensuse: Leap · +2 more
Show all products
Linux: Linux Kernel · Redhat: Enterprise Linux · Opensuse: Leap · Debian: Debian Linux · Canonical: Ubuntu Linux
Linux
1 product
Linux Kernel
Redhat
1 product
Enterprise Linux
Opensuse
1 product
Leap
Debian
1 product
Debian Linux
Canonical
1 product
Ubuntu Linux
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Up to 5.8.13
Linux Kernel
Version 5.9.0
Linux Kernel
Version 5.9.0 rc1
Linux Kernel
Version 5.9.0 rc2
Linux Kernel
Version 5.9.0 rc3
Linux Kernel
Version 5.9.0 rc4
Linux Kernel
Version 5.9.0 rc5
Linux Kernel
Version 5.9.0 rc6
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux
Version 7.0
Enterprise Linux
Version 8.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Leap
Version 15.1
Leap
Version 15.2
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 9.0
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 20.04

Related CWEs

CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (18)

Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
Mailing ListPatchVendor Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.