CVE-2020-10769 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 41%

Vendor	Product	Version
redhat	enterprise_linux	7.0
opensuse	leap	15.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.226-1 fixed
bookworm	6.1.106-3 fixed
bookworm (security)	6.1.112-1 fixed
trixie	6.11.5-1 fixed
sid	6.11.6-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

linux

focal	not-affected
eoan	not-affected
bionic	Fixed 4.15.0-55.60 released
xenial	Fixed 4.4.0-145.171 released
trusty	ignored

linux-aws

focal	not-affected
eoan	not-affected
bionic	Fixed 4.15.0-1047.49 released
xenial	Fixed 4.4.0-1079.89 released
trusty	ignored

linux-aws-5.0

focal	dne
eoan	dne
bionic	ignored
xenial	dne
trusty	dne

linux-aws-5.3

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-aws-hwe

focal	dne
eoan	dne
bionic	dne
xenial	Fixed 4.15.0-1047.49~16.04.1 released
trusty	dne

linux-azure

focal	not-affected
eoan	not-affected
bionic	ignored
xenial	Fixed 4.15.0-1051.56 released
trusty	ignored

linux-azure-4.15

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-azure-5.3

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-azure-edge

focal	dne
eoan	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gcp

focal	not-affected
eoan	not-affected
bionic	ignored
xenial	Fixed 4.15.0-1037.39~16.04.1 released
trusty	dne

linux-gcp-4.15

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-gcp-5.3

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-gcp-edge

focal	dne
eoan	dne
bionic	ignored
xenial	dne
trusty	dne

linux-gke-4.15

focal	dne
eoan	dne
bionic	Fixed 4.15.0-1037.39 released
xenial	dne
trusty	dne

linux-gke-5.0

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-gke-5.3

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-hwe

focal	dne
eoan	dne
bionic	Fixed 5.0.0-23.24~18.04.1 released
xenial	Fixed 4.15.0-55.60~16.04.2 released
trusty	dne

linux-hwe-edge

focal	dne
eoan	dne
bionic	ignored
xenial	ignored
trusty	dne

linux-kvm

focal	not-affected
eoan	not-affected
bionic	Fixed 4.15.0-1039.39 released
xenial	Fixed 4.4.0-1043.49 released
trusty	dne

linux-lts-trusty

focal	dne
eoan	dne
bionic	dne
xenial	dne
trusty	dne

linux-lts-xenial

focal	dne
eoan	dne
bionic	dne
xenial	dne
trusty	ignored

linux-oem

focal	dne
eoan	not-affected
bionic	Fixed 4.15.0-1050.57 released
xenial	ignored
trusty	dne

linux-oem-5.6

focal	not-affected
eoan	dne
bionic	dne
xenial	dne
trusty	dne

linux-oem-osp1

focal	dne
eoan	not-affected
bionic	not-affected
xenial	dne
trusty	dne

linux-oracle

focal	not-affected
eoan	not-affected
bionic	Fixed 4.15.0-1018.20 released
xenial	Fixed 4.15.0-1018.20~16.04.1 released
trusty	dne

linux-oracle-5.0

focal	dne
eoan	dne
bionic	ignored
xenial	dne
trusty	dne

linux-oracle-5.3

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-raspi

focal	not-affected
eoan	dne
bionic	dne
xenial	dne
trusty	dne

linux-raspi2

focal	ignored
eoan	not-affected
bionic	Fixed 4.15.0-1041.44 released
xenial	Fixed 4.4.0-1106.114 released
trusty	dne

linux-raspi2-5.3

focal	dne
eoan	dne
bionic	not-affected
xenial	dne
trusty	dne

linux-riscv

focal	not-affected
eoan	dne
bionic	dne
xenial	dne
trusty	dne

linux-snapdragon

focal	dne
eoan	dne
bionic	Fixed 4.15.0-1058.64 released
xenial	Fixed 4.4.0-1110.115 released
trusty	dne

Known Exploits!

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html

https://bugzilla.redhat.com/show_bug.cgi?id=1708775%3B

https://lkml.org/lkml/2019/1/21/675

https://www.oracle.com/security-alerts/cpuApr2021.html

http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html

https://bugzilla.redhat.com/show_bug.cgi?id=1708775%3B

https://lkml.org/lkml/2019/1/21/675

https://www.oracle.com/security-alerts/cpuApr2021.html