gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
History
29 Oct 2022, 02:36
Type | Values Removed | Values Added |
---|---|---|
First Time | Netapp solidfire Baseboard Management Controller Firmware Netapp h500s Netapp steelstore Cloud Integrated Storage Netapp h500e Firmware Canonical ubuntu Linux Netapp a700s Opensuse leap Netapp h410s Firmware Netapp cloud Backup Netapp h700s Netapp active Iq Unified Manager Netapp h700e Netapp solidfire Baseboard Management Controller Netapp h410c Firmware Netapp bootstrap Os Debian debian Linux Netapp a700s Firmware Netapp h610c Firmware Netapp hci Compute Node Netapp h615c Netapp h500s Firmware Netapp element Software Netapp h500e Netapp h700e Firmware Netapp solidfire Canonical Netapp h610c Netapp h610s Firmware Debian Netapp h300e Netapp h610s Netapp h300e Firmware Netapp h615c Firmware Netapp hci Management Node Netapp h300s Netapp h410c Netapp Netapp h300s Firmware Netapp h700s Firmware Netapp h410s Opensuse | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4412-1/ - Third Party Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=d126cf46f829d146dde3e6a8963e095ac6cfcd1c - Mailing List, Patch, Vendor Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200608-0001/ - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4698 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4419-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4413-1/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4699 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4414-1/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4411-1/ - Third Party Advisory | |
04 Jan 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. | |
References | | |
Information
Published : 2020-05-18 18:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-13143
Mitre link : CVE-2020-13143
CVE.ORG link : CVE-2020-13143
Products Affected
netapp
- a700s_firmware
- h700s_firmware
- h700e
- h500s_firmware
- solidfire_baseboard_management_controller_firmware
- h700s
- element_software
- h615c_firmware
- cloud_backup
- h700e_firmware
- h410c_firmware
- h615c
- h300e_firmware
- solidfire_baseboard_management_controller
- h610s_firmware
- hci_management_node
- h300s_firmware
- a700s
- bootstrap_os
- h500e_firmware
- solidfire
- h610s
- h500s
- h410c
- h610c
- active_iq_unified_manager
- h410s_firmware
- h300e
- hci_compute_node
- h410s
- steelstore_cloud_integrated_storage
- h300s
- h610c_firmware
- h500e
linux
- linux_kernel
opensuse
- leap
debian
- debian_linux
canonical
- ubuntu_linux
CWE
CWE-125
Out-of-bounds Read