CVE-2019-20811

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.

References

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.6

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3e23f719f5c4a38ffb3d30c8d7632a4ed8ccd9e

https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html

https://usn.ubuntu.com/4527-1/

https://www.debian.org/security/2020/dsa-4698

Details

Source: MITRE

Published: 2020-06-03

Updated: 2020-09-23

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
143049CentOS 7 : kernel (CESA-2020:5023)NessusCentOS Local Security Checks
medium
142991Photon OS 2.0: Linux PHSA-2020-2.0-0296NessusPhotonOS Local Security Checks
high
142822Scientific Linux Security Update : kernel on SL7.x x86_64 (2020:5023)NessusScientific Linux Local Security Checks
medium
142788Oracle Linux 7 : kernel (ELSA-2020-5023)NessusOracle Linux Local Security Checks
medium
142709RHEL 7 : kernel (RHSA-2020:5023)NessusRed Hat Local Security Checks
medium
142706RHEL 7 : kernel-rt (RHSA-2020:5026)NessusRed Hat Local Security Checks
medium
142576EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2020-2443)NessusHuawei Local Security Checks
high
142240EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-2353)NessusHuawei Local Security Checks
high
141374OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0044)NessusOracleVM Local Security Checks
critical
140917EulerOS 2.0 SP3 : kernel (EulerOS-SA-2020-2150)NessusHuawei Local Security Checks
medium
140724Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4527-1)NessusUbuntu Local Security Checks
high
140361OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0041)NessusOracleVM Local Security Checks
medium
140328EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2020-1958)NessusHuawei Local Security Checks
high
140208Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5837)NessusOracle Linux Local Security Checks
medium
140141EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1920)NessusHuawei Local Security Checks
medium
139995EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1892)NessusHuawei Local Security Checks
high
139476Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5804)NessusOracle Linux Local Security Checks
high
139137EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1807)NessusHuawei Local Security Checks
high
137340Debian DSA-4698-1 : linux - security updateNessusDebian Local Security Checks
medium
137339Debian DLA-2242-1 : linux-4.9 security updateNessusDebian Local Security Checks
medium