CVE-2020-0427
Vulnerability Summary
Timeline
Description
In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 0.17%• Percentile: 38%
Techniques & Countermeasures
- CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
- CWE-416•Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
Affected Systems
- debian•debian_linux
9.0
- google•android
na
- opensuse•leap
15.1 | 15.2
- starwindsoftware•starwind_virtual_san
v8:build12533 | v8:build12658 | v8:build12859 | v8:build13170 | v8:build13586 | v8:build13861
References (6)
- https://source.android.com/security/bulletin/pixel/2020-09-01
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
- https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
- http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
- https://www.starwindsoftware.com/security/sw-20210325-0005/