{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-0427", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "dateUpdated": "2024-08-04T06:02:52.034Z", "dateReserved": "2019-10-17T00:00:00", "datePublished": "2020-09-17T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2022-10-11T00:00:00"}, "descriptions": [{"lang": "en", "value": "In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171"}], "affected": [{"vendor": "n/a", "product": "Android", "versions": [{"version": "Android kernel", "status": "affected"}]}], "references": [{"url": "https://source.android.com/security/bulletin/pixel/2020-09-01"}, {"name": "openSUSE-SU-2020:1586", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"}, {"name": "openSUSE-SU-2020:1655", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"}, {"name": "[debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html"}, {"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"}, {"url": "https://www.starwindsoftware.com/security/sw-20210325-0005/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Information disclosure"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:02:52.034Z"}, "title": "CVE Program Container", "references": [{"url": "https://source.android.com/security/bulletin/pixel/2020-09-01", "tags": ["x_transferred"]}, {"name": "openSUSE-SU-2020:1586", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"}, {"name": "openSUSE-SU-2020:1655", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"}, {"name": "[debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html"}, {"url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html", "tags": ["x_transferred"]}, {"url": "https://www.starwindsoftware.com/security/sw-20210325-0005/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*", "matchCriteriaId": "0E5C2815-65C8-48D7-BF31-6104EDD0CBE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*", "matchCriteriaId": "6FF4A265-AFFD-4853-B3CE-A55E950E8B5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*", "matchCriteriaId": "E6484296-5BA8-408A-A087-A0D86BA50703", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*", "matchCriteriaId": "5D31D4A3-7D1E-472F-9BB6-AF889DA7C763", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*", "matchCriteriaId": "F67B6B43-FF39-4B05-8704-EDFCED4117E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*", "matchCriteriaId": "C79FA879-7855-467B-A98D-7D914940F9D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171"}, {"lang": "es", "value": "En la funci\u00f3n create_pinctrl del archivo core.c, se presenta una posible lectura fuera de l\u00edmites debido a un uso de la memoria previamente liberada. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android, Versiones: kernel de Android, ID de Android: A-140550171"}], "id": "CVE-2020-0427", "lastModified": "2022-10-25T16:12:16.737", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-17T19:15:12.877", "references": [{"source": "security@android.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"}, {"source": "security@android.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"}, {"source": "security@android.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html"}, {"source": "security@android.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html"}, {"source": "security@android.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://source.android.com/security/bulletin/pixel/2020-09-01"}, {"source": "security@android.com", "tags": ["Third Party Advisory"], "url": "https://www.starwindsoftware.com/security/sw-20210325-0005/"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:0857", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-1160.21.1.rt56.1158.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-03-16T00:00:00Z"}, {"advisory": "RHSA-2021:0856", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-1160.21.1.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-03-16T00:00:00Z"}, {"advisory": "RHSA-2021:4140", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-348.rt7.130.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4356", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-348.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}], "bugzilla": {"description": "kernel: out-of-bounds reads in pinctrl subsystem.", "id": "1919893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919893"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171", "A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2020-0427", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2020-11-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-0427\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-0427"], "threat_severity": "Moderate"}