CVE-2020-10773 - OpenCVE

A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:5.4.0:rc6:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-0:4.18.0-240.el8	cpe:/o:redhat:enterprise_linux:8	RHSA-2020:4431	2020-11-04T00:00:00Z

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f
https://nvd.nist.gov/vuln/detail/CVE-2020-10773
https://www.cve.org/CVERecord?id=CVE-2020-10773

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-09-10T16:07:48

Updated: 2024-08-04T11:14:14.957Z

Reserved: 2020-03-20T00:00:00

Link: CVE-2020-10773

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-09-10T17:15:27.453

Modified: 2023-11-07T03:14:23.270

Link: CVE-2020-10773

Redhat

Severity : Low

Publid Date: 2019-10-28T14:00:00Z

Links: CVE-2020-10773 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "kernel", "vendor": "[UNKNOWN]", "versions": [{"status": "affected", "version": "kernel-5.4-rc6"}]}], "descriptions": [{"lang": "en", "value": "A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-626", "description": "CWE-626", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-10T16:07:48", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"}, {"tags": ["x_refsource_MISC"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-10773", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "kernel", "version": {"version_data": [{"version_value": "kernel-5.4-rc6"}]}}]}, "vendor_name": "[UNKNOWN]"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data."}]}, "impact": {"cvss": [[{"vectorString": "4.4/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-626"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"}, {"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:14:14.957Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10773", "datePublished": "2020-09-10T16:07:48", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:14.957Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:5.4.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "CF4376DF-8195-43EF-9A6F-999400B4E35F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de filtrado de informaci\u00f3n de la pila en s390/s390x en la funcionalidad del administrador de memoria del kernel de Linux, donde escribe incorrectamente en el archivo /proc/sys/vm/cmm_timeout. Este fallo permite a un usuario local visualizar los datos del kernel"}], "id": "CVE-2020-10773", "lastModified": "2023-11-07T03:14:23.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2020-09-10T17:15:27.453", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-626"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2020:4431", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-240.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}], "bugzilla": {"description": "kernel: kernel stack information leak on s390/s390x", "id": "1846380", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846380"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-626", "details": ["A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.", "A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2020-10773", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2019-10-28T14:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-10773\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10773\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"], "statement": "This issue is rated as having Low impact because of being limited to only s390 architecture and very limited kernel stack exposure.", "threat_severity": "Low", "upstream_fix": "kernel-5.4 rc6"}