CVE-2020-10774 - OpenCVE

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-240.rt7.54.el8	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2020:4609	2020-11-04T00:00:00Z
kernel-0:4.18.0-240.el8	cpe:/o:redhat:enterprise_linux:8	RHSA-2020:4431	2020-11-04T00:00:00Z

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=1846964
https://nvd.nist.gov/vuln/detail/CVE-2020-10774
https://www.cve.org/CVERecord?id=CVE-2020-10774

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-05-27T18:46:18

Updated: 2024-08-04T11:14:15.551Z

Reserved: 2020-03-20T00:00:00

Link: CVE-2020-10774

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-05-27T19:15:07.917

Modified: 2021-06-08T17:31:32.143

Link: CVE-2020-10774

Redhat

Severity : Low

Publid Date: 2020-06-15T00:00:00Z

Links: CVE-2020-10774 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "kernel", "vendor": "n/a", "versions": [{"status": "affected", "version": "kernel-4.18.0-193.el8"}]}], "descriptions": [{"lang": "en", "value": "A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-805", "description": "CWE-805", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-27T18:46:18", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-10774", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "kernel", "version": {"version_data": [{"version_value": "kernel-4.18.0-193.el8"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-805"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:14:15.551Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10774", "datePublished": "2021-05-27T18:46:18", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:15.551Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2508F59A-247D-48B5-8D2D-BF7499E8D8CB", "versionEndExcluding": "4.18.0-193.el8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de divulgaci\u00f3n de memoria en el kernel de Linux versiones anteriores a 4.18.0-193.el8 en el subsistema sysctl al leer el archivo /proc/sys/kernel/rh_features. Este fallo permite a un usuario local leer valores no inicializados de la memoria del kernel. La mayor amenaza de esta vulnerabilidad es la confidencialidad"}], "id": "CVE-2020-10774", "lastModified": "2021-06-08T17:31:32.143", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-27T19:15:07.917", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-805"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2020:4609", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-240.rt7.54.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4431", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-240.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}], "bugzilla": {"description": "kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features", "id": "1846964", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-909", "details": ["A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.", "A flaw memory disclosure flaw was found in the Linux kernel\u2019s sysctl subsystem in reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2020-10774", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2020-06-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-10774\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10774"], "statement": "This issue is rated as having Low impact because of the limited and random (non-controllable by attacker) memory disclosure.", "threat_severity": "Low", "upstream_fix": "kernel-4.18.0 193.el8"}