CVE-2020-14356

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

History

18 Nov 2022, 21:17

Type Values Removed Values Added
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html - Mailing List, Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4526-1/ - (UBUNTU) https://usn.ubuntu.com/4526-1/ - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html - Mailing List, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20200904-0002/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20200904-0002/ - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4483-1/ - (UBUNTU) https://usn.ubuntu.com/4483-1/ - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4484-1/ - (UBUNTU) https://usn.ubuntu.com/4484-1/ - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html - Mailing List, Third Party Advisory
First Time Netapp solidfire Baseboard Management Controller Firmware
Netapp cloud Backup
Netapp hci Management Node
Netapp active Iq Unified Manager
Netapp solidfire
Canonical ubuntu Linux
Canonical
Netapp solidfire Baseboard Management Controller
Debian debian Linux
Netapp
Debian
CPE cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

Information

Published : 2020-08-19 15:15

Updated : 2022-11-18 21:17


NVD link : CVE-2020-14356

Mitre link : CVE-2020-14356


JSON object : View

Products Affected

redhat

  • enterprise_linux

netapp

  • solidfire
  • hci_management_node
  • cloud_backup
  • solidfire_baseboard_management_controller_firmware
  • solidfire_baseboard_management_controller
  • active_iq_unified_manager

linux

  • linux_kernel

canonical

  • ubuntu_linux

opensuse

  • leap

debian

  • debian_linux
CWE
CWE-476

NULL Pointer Dereference