usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
12 Oct 2023, 14:10
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* |
|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4391-1/ - Third Party Advisory, VDB Entry | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4698 - Third Party Advisory, VDB Entry | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4387-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4390-1/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4388-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4389-1/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200608-0001/ - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4699 - Third Party Advisory, VDB Entry | |
First Time |
Netapp steelstore Cloud Integrated Storage
Netapp active Iq Unified Manager Netapp hci Compute Node Netapp cloud Backup Netapp solidfire \& Hci Storage Node Netapp Netapp solidfire Baseboard Management Controller Netapp hci Baseboard Management Controller Netapp aff A700s Netapp hci Storage Nodes |
Information
Published : 2020-04-29 18:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-12464
Mitre link : CVE-2020-12464
CVE.ORG link : CVE-2020-12464
JSON object : View
Products Affected
netapp
- aff_a700s
- hci_compute_node
- steelstore_cloud_integrated_storage
- active_iq_unified_manager
- hci_storage_nodes
- hci_baseboard_management_controller
- solidfire_baseboard_management_controller
- cloud_backup
- solidfire_\&_hci_storage_node
linux
- linux_kernel
CWE
CWE-416
Use After Free