CVE-2020-36385

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.

References

https://syzkaller.appspot.com/bug?id=457491c4672d7b52c1007db213d93e47c711fae6

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5449e74802c1112dea984aec8af7a33c4516af1

https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-ucma_close-2

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10

https://security.netapp.com/advisory/ntap-20210720-0004/

Details

Source: MITRE

Published: 2021-06-07

Updated: 2021-12-01

Type: CWE-416

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (50 total)

IDNameProductFamilySeverity
156793RHEL 6 : kernel (RHSA-2022:0157)NessusRed Hat Local Security Checks
high
156580Photon OS 3.0: Linux PHSA-2022-3.0-0345NessusPhotonOS Local Security Checks
high
156347EulerOS Virtualization 3.0.2.0 : kernel (EulerOS-SA-2021-2818)NessusHuawei Local Security Checks
high
155977RHEL 7 : RHV-H security update (redhat-virtualization-host) 4.3.20 (Critical) (RHSA-2021:5035)NessusRed Hat Local Security Checks
critical
155927RHEL 7 : kpatch-patch (RHSA-2021:4971)NessusRed Hat Local Security Checks
high
155814SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14849-1)NessusSuSE Local Security Checks
high
155759CentOS 7 : kernel (CESA-2021:4777)NessusCentOS Local Security Checks
high
155746RHEL 8 : kernel (RHSA-2021:4871)NessusRed Hat Local Security Checks
high
155745RHEL 8 : kernel-rt (RHSA-2021:4875)NessusRed Hat Local Security Checks
high
155743RHEL 8 : kpatch-patch (RHSA-2021:4859)NessusRed Hat Local Security Checks
high
155692Oracle Linux 7 : kernel (ELSA-2021-4777)NessusOracle Linux Local Security Checks
high
155691RHEL 7 : kernel (RHSA-2021:4777)NessusRed Hat Local Security Checks
high
155690RHEL 7 : kernel-rt (RHSA-2021:4779)NessusRed Hat Local Security Checks
high
155688RHEL 7 : kpatch-patch (RHSA-2021:4798)NessusRed Hat Local Security Checks
high
155684RHEL 7 : kernel (RHSA-2021:4770)NessusRed Hat Local Security Checks
high
155385RHEL 7 : kernel (RHSA-2021:4692)NessusRed Hat Local Security Checks
high
155376RHEL 8 : kernel (RHSA-2021:4687)NessusRed Hat Local Security Checks
high
155222Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5137-2)NessusUbuntu Local Security Checks
high
155149RHEL 8 : kpatch-patch (RHSA-2021:4597)NessusRed Hat Local Security Checks
high
154980Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5137-1)NessusUbuntu Local Security Checks
high
154972Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5136-1)NessusUbuntu Local Security Checks
high
154910RHEL 8 : kpatch-patch (RHSA-2021:4122)NessusRed Hat Local Security Checks
high
154871CentOS 8 : kernel (CESA-2021:4056)NessusCentOS Local Security Checks
high
154859Oracle Linux 8 : kernel (ELSA-2021-4056)NessusOracle Linux Local Security Checks
high
154849RHEL 8 : kernel-rt (RHSA-2021:4088)NessusRed Hat Local Security Checks
high
154834RHEL 8 : kernel (RHSA-2021:4056)NessusRed Hat Local Security Checks
high
154668RHEL 7 : kernel (RHSA-2021:3987)NessusRed Hat Local Security Checks
high
154404EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-2588)NessusHuawei Local Security Checks
high
153703EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2530)NessusHuawei Local Security Checks
high
153692EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2502)NessusHuawei Local Security Checks
high
153610EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2465)NessusHuawei Local Security Checks
high
152481SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2643-1)NessusSuSE Local Security Checks
high
152188SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 18 for SLE 12 SP4) (SUSE-SU-2021:2584-1)NessusSuSE Local Security Checks
high
152167SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP2) (SUSE-SU-2021:2577-1)NessusSuSE Local Security Checks
high
152159SUSE SLES15 Security Update : kernel (Live Patch 22 for SLE 15 SP1) (SUSE-SU-2021:2560-1)NessusSuSE Local Security Checks
high
152142SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP1) (SUSE-SU-2021:2542-1)NessusSuSE Local Security Checks
high
152116SUSE SLES15 Security Update : kernel (Live Patch 14 for SLE 15 SP2) (SUSE-SU-2021:2538-1)NessusSuSE Local Security Checks
high
152055SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2451-1)NessusSuSE Local Security Checks
high
151998SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2422-1)NessusSuSE Local Security Checks
high
151996SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2426-1)NessusSuSE Local Security Checks
medium
151989SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2427-1)NessusSuSE Local Security Checks
high
151986SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2421-1)NessusSuSE Local Security Checks
high
151935openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2427-1)NessusSuSE Local Security Checks
high
151878SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2406-1)NessusSuSE Local Security Checks
high
151877SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2407-1)NessusSuSE Local Security Checks
high
151873SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2416-1)NessusSuSE Local Security Checks
high
151652SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2325-1)NessusSuSE Local Security Checks
medium
151617SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2303-1)NessusSuSE Local Security Checks
medium
151200SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2202-1)NessusSuSE Local Security Checks
high
151125SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2184-1)NessusSuSE Local Security Checks
high