CVE-2020-8991

vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. NOTE: RedHat disputes CVE-2020-8991 as not being a vulnerability since there’s no apparent route to either privilege escalation or to denial of service through the bug
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:lvm2:2.02.00:*:*:*:*:*:*:*

History

07 Nov 2023, 03:26

Type Values Removed Values Added
References
  • {'url': 'https://sourceware.org/git/?p=lvm2.git;a=commit;h=bcf9556b8fcd16ad8997f80cc92785f295c66701', 'name': 'https://sourceware.org/git/?p=lvm2.git;a=commit;h=bcf9556b8fcd16ad8997f80cc92785f295c66701', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • () https://sourceware.org/git/?p=lvm2.git%3Ba=commit%3Bh=bcf9556b8fcd16ad8997f80cc92785f295c66701 -
Summary ** DISPUTED ** vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. NOTE: RedHat disputes CVE-2020-8991 as not being a vulnerability since there’s no apparent route to either privilege escalation or to denial of service through the bug. vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. NOTE: RedHat disputes CVE-2020-8991 as not being a vulnerability since there’s no apparent route to either privilege escalation or to denial of service through the bug

01 Jan 2022, 19:52

Type Values Removed Values Added
CWE CWE-772 CWE-401

Information

Published : 2020-02-14 05:15

Updated : 2024-03-21 02:37


NVD link : CVE-2020-8991

Mitre link : CVE-2020-8991

CVE.ORG link : CVE-2020-8991


JSON object : View

Products Affected

redhat

  • lvm2
CWE
CWE-401

Missing Release of Memory after Effective Lifetime