CVE-2020-25662

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
redhatCNA
5.3 MEDIUM
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
redhatenterprise_linux
8.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
trixie
6.11.5-1
fixed
sid
6.11.6-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
not-affected
linux-aws
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
not-affected
linux-aws-5.0
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-aws-5.3
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-aws-5.4
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-aws-hwe
groovy
dne
focal
dne
bionic
dne
xenial
not-affected
trusty
dne
linux-azure
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
not-affected
linux-azure-4.15
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-azure-5.3
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-azure-5.4
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-azure-edge
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gcp
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
dne
linux-gcp-4.15
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gcp-5.3
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gcp-5.4
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gcp-edge
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gke-4.15
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gke-5.0
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-gke-5.3
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-hwe
groovy
dne
focal
dne
bionic
ignored
xenial
not-affected
trusty
dne
linux-hwe-5.4
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-hwe-edge
groovy
dne
focal
dne
bionic
not-affected
xenial
not-affected
trusty
dne
linux-kvm
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
dne
linux-lts-trusty
groovy
dne
focal
dne
bionic
dne
xenial
dne
trusty
dne
linux-lts-xenial
groovy
dne
focal
dne
bionic
dne
xenial
dne
trusty
not-affected
linux-oem
groovy
dne
focal
dne
bionic
not-affected
xenial
not-affected
trusty
dne
linux-oem-5.6
groovy
dne
focal
not-affected
bionic
dne
xenial
dne
trusty
dne
linux-oem-osp1
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-oracle
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
dne
linux-oracle-5.0
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-oracle-5.3
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-oracle-5.4
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-raspi
groovy
not-affected
focal
not-affected
bionic
dne
xenial
dne
trusty
dne
linux-raspi-5.4
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-raspi2
groovy
dne
focal
ignored
bionic
not-affected
xenial
not-affected
trusty
dne
linux-raspi2-5.3
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
linux-riscv
groovy
not-affected
focal
not-affected
bionic
dne
xenial
dne
trusty
dne
linux-snapdragon
groovy
dne
focal
dne
bionic
not-affected
xenial
not-affected
trusty
dne
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2020-12352
https://access.redhat.com/security/vulnerabilities/BleedingTooth
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662
https://access.redhat.com/security/cve/CVE-2020-12352
https://access.redhat.com/security/vulnerabilities/BleedingTooth
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662