CVE-2020-29371

Published: Nov 28, 2020Modified: Nov 21, 2024

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.

Affected (1)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 5.8.4

Related CWEs

CWE-908

Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

References (8)

https://bugs.chromium.org/p/project-zero/issues/detail?id=2077

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.4

Source: cve@mitre.org

Release NotesVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2935e0a3cec1ffa558eea90db6279cff83aa3592

Source: cve@mitre.org

PatchVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bcf85fcedfdd17911982a3e3564fcfec7b01eebd

Source: cve@mitre.org

PatchVendor Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=2077

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.4

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2935e0a3cec1ffa558eea90db6279cff83aa3592

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bcf85fcedfdd17911982a3e3564fcfec7b01eebd

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.