CVE-2020-15437 - OpenCVE

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-305.rt7.72.el8	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2021:1739	2021-05-18T00:00:00Z
kernel-0:4.18.0-305.el8	cpe:/o:redhat:enterprise_linux:8	RHSA-2021:1578	2021-05-18T00:00:00Z

References

Link	Providers
https://lkml.org/lkml/2020/7/21/80
https://nvd.nist.gov/vuln/detail/CVE-2020-15437
https://www.cve.org/CVERecord?id=CVE-2020-15437

History

No history.

MITRE

Status: PUBLISHED

Assigner: openEuler

Published: 2020-11-23T20:10:28

Updated: 2024-08-04T13:15:20.694Z

Reserved: 2020-06-30T00:00:00

Link: CVE-2020-15437

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-23T21:15:11.890

Modified: 2020-12-02T19:24:52.443

Link: CVE-2020-15437

Redhat

Severity : Moderate

Publid Date: 2020-07-21T00:00:00Z

Links: CVE-2020-15437 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "linux kernel", "vendor": "n/a", "versions": [{"status": "affected", "version": "5.7 (verified), possibly others 4.18"}]}], "descriptions": [{"lang": "en", "value": "The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized."}], "problemTypes": [{"descriptions": [{"description": "NULL Pointer Dereference", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-23T20:10:28", "orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "shortName": "openEuler"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lkml.org/lkml/2020/7/21/80"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "securities@openeuler.org", "ID": "CVE-2020-15437", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "linux kernel", "version": {"version_data": [{"version_value": "5.7 (verified), possibly others 4.18"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "NULL Pointer Dereference"}]}]}, "references": {"reference_data": [{"name": "https://lkml.org/lkml/2020/7/21/80", "refsource": "MISC", "url": "https://lkml.org/lkml/2020/7/21/80"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:15:20.694Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lkml.org/lkml/2020/7/21/80"}]}]}, "cveMetadata": {"assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "assignerShortName": "openEuler", "cveId": "CVE-2020-15437", "datePublished": "2020-11-23T20:10:28", "dateReserved": "2020-06-30T00:00:00", "dateUpdated": "2024-08-04T13:15:20.694Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A9F82A0-987A-4B8F-A2BB-3BC03ECCCF01", "versionEndExcluding": "5.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized."}, {"lang": "es", "value": "El kernel de Linux anterior a versi\u00f3n 5.8 es vulnerable a una desreferencia del puntero NULL en drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() que permite a usuarios locales causar una denegaci\u00f3n de servicio utilizando el puntero p-)serial_in que no se inicializ\u00f3"}], "id": "CVE-2020-15437", "lastModified": "2020-12-02T19:24:52.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-23T21:15:11.890", "references": [{"source": "securities@openeuler.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://lkml.org/lkml/2020/7/21/80"}], "sourceIdentifier": "securities@openeuler.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Yang Yingliang for reporting this issue.", "affected_release": [{"advisory": "RHSA-2021:1739", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-305.rt7.72.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-05-18T00:00:00Z"}, {"advisory": "RHSA-2021:1578", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-305.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-05-18T00:00:00Z"}], "bugzilla": {"description": "kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c", "id": "1901161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901161"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.", "A NULL pointer dereference flaw was found in the Linux kernel\u2019s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports (0x2E8, 0x2F8, 0x3E8, 0x3F8) are not available. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability."], "name": "CVE-2020-15437", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2020-07-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-15437\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-15437"], "statement": "This flaw is rated as having a Moderate impact because the issue can only be triggered by an authorized local user in the tty or in the dialout group.", "threat_severity": "Moderate"}