In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html | Broken Link Third Party Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11 | Release Notes Vendor Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.6 | Release Notes Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=23da9588037ecdd4901db76a5b79a42b529c4ec3 | Patch Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89189557b47b35683a27c80ee78aef18248eefb4 | Patch Vendor Advisory |
https://security.netapp.com/advisory/ntap-20200204-0002/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
20 Jan 2023, 20:19
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp 8300
Netapp cloud Backup Netapp solidfire \& Hci Management Node Netapp fas\/aff Baseboard Management Controller Netapp solidfire Baseboard Management Controller Netapp 8700 Firmware Netapp 8300 Firmware Netapp h610s Netapp h610s Firmware Netapp steelstore Cloud Integrated Storage Netapp 8700 Netapp active Iq Unified Manager Netapp a400 Netapp a400 Firmware Netapp e-series Santricity Os Controller Netapp Netapp data Availability Services |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200204-0002/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html - Broken Link, Third Party Advisory | |
CPE | cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* |
Information
Published : 2019-12-28 05:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-20054
Mitre link : CVE-2019-20054
CVE.ORG link : CVE-2019-20054
JSON object : View
Products Affected
netapp
- h610s_firmware
- a400_firmware
- 8700_firmware
- 8700
- active_iq_unified_manager
- a400
- cloud_backup
- data_availability_services
- fas\/aff_baseboard_management_controller
- solidfire_\&_hci_management_node
- h610s
- e-series_santricity_os_controller
- 8300_firmware
- solidfire_baseboard_management_controller
- 8300
- steelstore_cloud_integrated_storage
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference