gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Linux
  • Linux Kernel
Netapp
  • A700s
  • A700s Firmware
  • Active Iq Unified Manager
  • Bootstrap Os
  • Cloud Backup
  • Element Software
  • H300e
  • H300e Firmware
  • H300s
  • H300s Firmware
  • H410c
  • H410c Firmware
  • H410s
  • H410s Firmware
  • H500e
  • H500e Firmware
  • H500s
  • H500s Firmware
  • H610c
  • H610c Firmware
  • H610s
  • H610s Firmware
  • H615c
  • H615c Firmware
  • H700e
  • H700e Firmware
  • H700s
  • H700s Firmware
  • Hci Compute Node
  • Hci Management Node
  • Solidfire
  • Solidfire Baseboard Management Controller
  • Solidfire Baseboard Management Controller Firmware
  • Steelstore Cloud Integrated Storage
Opensuse
  • Leap

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*

No data.

References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html cve-icon cve-icon
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=d126cf46f829d146dde3e6a8963e095ac6cfcd1c cve-icon cve-icon
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=15753588bcd4bbffae1cca33c8ced5722477fe1f cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2020-13143 cve-icon
https://security.netapp.com/advisory/ntap-20200608-0001/ cve-icon cve-icon
https://usn.ubuntu.com/4411-1/ cve-icon cve-icon
https://usn.ubuntu.com/4412-1/ cve-icon cve-icon
https://usn.ubuntu.com/4413-1/ cve-icon cve-icon
https://usn.ubuntu.com/4414-1/ cve-icon cve-icon
https://usn.ubuntu.com/4419-1/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2020-13143 cve-icon
https://www.debian.org/security/2020/dsa-4698 cve-icon cve-icon
https://www.debian.org/security/2020/dsa-4699 cve-icon cve-icon
https://www.spinics.net/lists/linux-usb/msg194331.html cve-icon cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-05-18T17:50:53

Updated: 2024-08-04T12:11:19.057Z

Reserved: 2020-05-18T00:00:00

Link: CVE-2020-13143

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-05-18T18:15:11.347

Modified: 2022-10-29T02:36:25.060

Link: CVE-2020-13143

cve-icon Redhat

Severity : Low

Publid Date: 2020-04-30T00:00:00Z

Links: CVE-2020-13143 - Bugzilla