Out-of-bounds read in Linux kernel

#VU47220 Out-of-bounds read in Linux kernel

Cybersecurity Help s.r.o.

Published: 2020-09-18 | Updated: 2020-09-30

Vulnerability identifier: #VU47220

Vulnerability risk: Medium

CVSSv3.1: 4.9 [AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14390

CWE-ID: CWE-125

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to an out-of-bounds read that occurs leading to memory corruption or a denial of service. This highest threat from this vulnerability is to system availability.

Mitigation
Update to version 5.9.0.

Vulnerable software versions

Linux kernel: 2.2.3 - 2.2.27, 2.3.0 - 2.3.99, 2.4.0 - 2.4.37.11, 2.5.0 - 2.5.75, 2.6 - 2.6_test9_cvs, 3.0 - 3.0.101, 3.1 - 3.1.10, 3.2 - 3.25, 3.3 - 3.3.8, 3.4 - 3.4.113, 3.5 - 3.5.7, 3.6 - 3.6.11, 3.7 - 3.7.10, 3.8 - 3.8.13, 3.9 - 3.9.11, 3.10 - 3.10.107, 3.11 - 3.11.10, 3.12 - 3.12.74, 3.13 - 3.13.11, 3.14 - 3.14.79, 3.15 - 3.15.10, 3.16 - 3.16.58, 3.17 - 3.17.8, 3.18 - 3.18.140, 3.19 - 3.19.8, 4.0 - 4.0.9, 4.1 - 4.1.52, 4.2 - 4.2.8, 4.3 - 4.3.6, 4.4 - 4.4.224, 4.5 - 4.5.7, 4.6 - 4.6.7, 4.7 - 4.7.10, 4.8 - 4.8.17, 4.9 - 4.9.224, 4.10 - 4.10.17, 4.11 - 4.11.12, 4.12 - 4.12.14, 4.13 - 4.13.16, 4.14 - 4.14.181, 4.15 - 4.15.18, 4.16 - 4.16.18, 4.17 - 4.17.19, 4.18 - 4.18.20, 4.19 - 4.19.124, 4.20 - 4.20.17, 5.0 - 5.0.21, 5.1 - 5.1.21, 5.2 - 5.2.21, 5.3 - 5.3.18, 5.4 - 5.4.42, 5.5 - 5.5.19, 5.6 - 5.6.14, 5.7 - 5.7.7, 5.8.0

External links
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50145474f6ef4a9c19205b173da6264a644c7489
http://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
http://seclists.org/oss-sec/2020/q3/174
http://www.openwall.com/lists/oss-security/2020/09/15/2

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Oracle VM Server for x86