A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.8
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
https://security.netapp.com/advisory/ntap-20201009-0002/
https://twitter.com/grsecurity/status/1303749848898904067
Source: MITRE
Published: 2020-09-13
Updated: 2020-11-02
Type: CWE-362
Base Score: 4.4
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.4
Severity: MEDIUM
Base Score: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 0.5
Severity: MEDIUM
OR
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
147690 | EulerOS : kernel (EulerOS-SA-2021-1642) | Nessus | Huawei Local Security Checks | high |
147512 | EulerOS : kernel (EulerOS-SA-2021-1604) | Nessus | Huawei Local Security Checks | high |
146511 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1) | Nessus | SuSE Local Security Checks | high |
146476 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0437-1) | Nessus | SuSE Local Security Checks | high |
146282 | openSUSE Security Update : RT kernel (openSUSE-2021-242) | Nessus | SuSE Local Security Checks | high |
145201 | EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-1079) | Nessus | Huawei Local Security Checks | high |
144731 | EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1039) | Nessus | Huawei Local Security Checks | high |
144244 | EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-2549) | Nessus | Huawei Local Security Checks | high |
143875 | SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3532-1) | Nessus | SuSE Local Security Checks | high |
143858 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3326-1) | Nessus | SuSE Local Security Checks | medium |
143857 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3544-1) | Nessus | SuSE Local Security Checks | high |
143809 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:3272-1) | Nessus | SuSE Local Security Checks | medium |
143802 | SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3513-1) | Nessus | SuSE Local Security Checks | high |
143780 | SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3522-1) | Nessus | SuSE Local Security Checks | high |
143773 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3281-1) | Nessus | SuSE Local Security Checks | medium |
143621 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:3122-1) | Nessus | SuSE Local Security Checks | medium |
143445 | Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4660-1) | Nessus | Ubuntu Local Security Checks | high |
143398 | openSUSE Security Update : the Linux Kernel (openSUSE-2020-2112) | Nessus | SuSE Local Security Checks | high |
142945 | openSUSE Security Update : the Linux Kernel (openSUSE-2020-1906) | Nessus | SuSE Local Security Checks | high |
142921 | openSUSE Security Update : the Linux Kernel (openSUSE-2020-1901) | Nessus | SuSE Local Security Checks | high |
142240 | EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-2353) | Nessus | Huawei Local Security Checks | high |
142176 | Debian DLA-2420-2 : linux regression update | Nessus | Debian Local Security Checks | high |
142148 | EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-2311) | Nessus | Huawei Local Security Checks | high |
141961 | Amazon Linux AMI : kernel (ALAS-2020-1437) | Nessus | Amazon Linux Local Security Checks | high |
141789 | Slackware 14.2 : Slackware 14.2 kernel (SSA:2020-295-01) | Nessus | Slackware Local Security Checks | high |
141451 | Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4576-1) | Nessus | Ubuntu Local Security Checks | medium |
141447 | Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4579-1) | Nessus | Ubuntu Local Security Checks | medium |
141445 | Photon OS 2.0: Linux PHSA-2020-2.0-0288 | Nessus | PhotonOS Local Security Checks | high |
141439 | Photon OS 1.0: Linux PHSA-2020-1.0-0330 | Nessus | PhotonOS Local Security Checks | medium |
141396 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5885) | Nessus | Oracle Linux Local Security Checks | high |
141395 | Oracle Linux 8 : Unbreakable Enterprise kernel (ELSA-2020-5884) | Nessus | Oracle Linux Local Security Checks | high |
141374 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0044) | Nessus | OracleVM Local Security Checks | critical |
141367 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5879) | Nessus | Oracle Linux Local Security Checks | medium |
141365 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2020-5881) | Nessus | Oracle Linux Local Security Checks | medium |
141332 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2020-2166) | Nessus | Huawei Local Security Checks | high |
141329 | EulerOS : kernel (EulerOS-SA-2020-2176) | Nessus | Huawei Local Security Checks | high |
141207 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5866) | Nessus | Oracle Linux Local Security Checks | critical |
141106 | Amazon Linux 2 : kernel (ALAS-2020-1495) | Nessus | Amazon Linux Local Security Checks | high |
140933 | Debian DLA-2385-1 : linux-4.19 security update | Nessus | Debian Local Security Checks | high |