CVE-2020-36312

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f65886606c2d3b562716de030706dfe1bea4ed5e

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.10

Details

Source: MITRE

Published: 2021-04-07

Updated: 2021-04-13

Type: CWE-401

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
155219RHEL 8 : kernel (RHSA-2021:4356)NessusRed Hat Local Security Checks
high
155172RHEL 8 : kernel-rt (RHSA-2021:4140)NessusRed Hat Local Security Checks
high
155145CentOS 8 : kernel (CESA-2021:4356)NessusCentOS Local Security Checks
high
155070CentOS 8 : kernel-rt (CESA-2021:4140)NessusCentOS Local Security Checks
high
152313EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2272)NessusHuawei Local Security Checks
high
151756openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1977-1)NessusSuSE Local Security Checks
critical
151730openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1975-1)NessusSuSE Local Security Checks
critical
151562EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-2183)NessusHuawei Local Security Checks
high
151307EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-2075)NessusHuawei Local Security Checks
high
151238EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2051)NessusHuawei Local Security Checks
high
151042EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1983)NessusHuawei Local Security Checks
high
150927SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1975-1)NessusSuSE Local Security Checks
critical
150901SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1977-1)NessusSuSE Local Security Checks
critical
149892openSUSE Security Update : the Linux Kernel (openSUSE-2021-758)NessusSuSE Local Security Checks
critical
149717SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1624-1)NessusSuSE Local Security Checks
high
149716SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1623-1)NessusSuSE Local Security Checks
high
149633SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1617-1)NessusSuSE Local Security Checks
high
149605openSUSE Security Update : the Linux Kernel (openSUSE-2021-579)NessusSuSE Local Security Checks
high
149491SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1596-1)NessusSuSE Local Security Checks
high
149487SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1595-1)NessusSuSE Local Security Checks
high
149462SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1573-1)NessusSuSE Local Security Checks
high
149456SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1572-1)NessusSuSE Local Security Checks
high
148747SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1238-1)NessusSuSE Local Security Checks
critical
148698SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1211-1)NessusSuSE Local Security Checks
critical