Multiple vulnerabilities in Linux kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-15393 CVE-2020-15780 |
| CWE-ID | CWE-401 CWE-285 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Memory leak
EUVDB-ID: #VU31921
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-15393
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in "drivers/usb/misc/usbtest.c" file. A local user can force the application to leak memory and perform denial of service attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLinux kernel: 5.7 - 5.7.6
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=28ebeb8db77035e058a510ce9bd17c2b9a009dba
https://lkml.org/lkml/2020/6/2/968
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Authorization
EUVDB-ID: #VU31922
Risk: Low
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2020-15780
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to bypass authorization checks.
The vulnerability exists due to improper authorization in "in drivers/acpi/acpi_configfs.c". A local administrator can inject malicious ACPI tables via configfs to bypass lockdown and secure boot restrictions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsLinux kernel: 5.7.1 - 5.7.6
CPE2.3 External linkshttps://www.openwall.com/lists/oss-security/2020/07/20/7
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354
https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh
https://www.openwall.com/lists/oss-security/2020/06/15/3
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
