An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
29 Oct 2022, 02:34
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* |
|
First Time |
Netapp solidfire Baseboard Management Controller Firmware
Netapp steelstore Cloud Integrated Storage Netapp solidfire Canonical ubuntu Linux Netapp data Availability Services Canonical Opensuse leap Debian Netapp cloud Backup Netapp hci Management Node Netapp active Iq Unified Manager Netapp solidfire Baseboard Management Controller Netapp h410c Netapp h410c Firmware Debian debian Linux Netapp Opensuse |
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2f9ac30a54dc0181ddac3705cdcf4775d863c530 - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4344-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4346-1/ - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4698 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4342-1/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200313-0003/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4345-1/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html - Mailing List, Third Party Advisory |
04 Jan 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. |
Information
Published : 2020-02-25 16:15
Updated : 2023-12-10 13:13
NVD link : CVE-2020-9383
Mitre link : CVE-2020-9383
CVE.ORG link : CVE-2020-9383
JSON object : View
Products Affected
netapp
- h410c
- cloud_backup
- steelstore_cloud_integrated_storage
- solidfire
- data_availability_services
- active_iq_unified_manager
- hci_management_node
- solidfire_baseboard_management_controller
- solidfire_baseboard_management_controller_firmware
- h410c_firmware
opensuse
- leap
debian
- debian_linux
linux
- linux_kernel
canonical
- ubuntu_linux
CWE
CWE-125
Out-of-bounds Read