An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it’s likely that all versions in between are affected. An attacker can read /proc/pid/syscall to trigger this vulnerability, which leads to the kernel leaking memory contents.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2024-08-04T16:40:59.170Z

Reserved: 2020-11-13T00:00:00

Link: CVE-2020-28588

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-10T19:15:08.017

Modified: 2024-11-21T05:22:57.560

Link: CVE-2020-28588

cve-icon Redhat

Severity : Low

Publid Date: 2020-12-03T00:00:00Z

Links: CVE-2020-28588 - Bugzilla

cve-icon OpenCVE Enrichment

No data.