CVE-2020-12770 Information

Feb 14, 2021 cve

Description

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case aka CID-83c6f2390040.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IO5XIQSRI747P4RVVTNX7TUPEOCF4OPU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R54VC7B6MDYKP57AWC2HN7AUJYH62RKI/ https://lkml.org/lkml/2020/4/13/870 https://security.netapp.com/advisory/ntap-20200608-0001/ https://usn.ubuntu.com/4411-1/ https://usn.ubuntu.com/4412-1/ https://usn.ubuntu.com/4413-1/ https://usn.ubuntu.com/4414-1/ https://usn.ubuntu.com/4419-1/ https://www.debian.org/security/2020/dsa-4698 https://www.debian.org/security/2020/dsa-4699

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.7

Share on: