Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

CVE-2020-12657 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2020-12657

CVE-2020-12657

HIGH7.8

An issue was discovered in the Linux kernel before 5

Published May 5, 2020

Modified 1 years ago

Details

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.

References

ADVISORY

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

WEB

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5

WEB

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9

WEB

https://github.com/torvalds/linux/commit/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9

WEB

https://patchwork.kernel.org/patch/11447049/

WEB

https://security.netapp.com/advisory/ntap-20200608-0001/

ADVISORY

https://usn.ubuntu.com/4363-1/

ADVISORY

https://usn.ubuntu.com/4367-1/

ADVISORY

https://usn.ubuntu.com/4368-1/

ADVISORY

https://usn.ubuntu.com/4369-1/

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2020-12657

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedMay 5, 2020

ModifiedAug 4, 2024