[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-4752-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":94,"duplicates":95,"related":96,"reserved_at":9,"published_at":117,"modified_at":118,"state":9,"summary":119,"references_raw":121,"kevs":209,"epss":9,"epss_history":210,"metrics":211,"affected":212},"USN-4752-1","linux-oem-5.6 vulnerabilities\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered\nthat legacy pairing and secure-connections pairing authentication in the\nBluetooth protocol could allow an unauthenticated user to complete\nauthentication without pairing credentials via adjacent access. A\nphysically proximate attacker could use this to impersonate a previously\npaired Bluetooth device. (CVE-2020-10135)\n\nJay Shin discovered that the ext4 file system implementation in the Linux\nkernel did not properly handle directory access with broken indexing,\nleading to an out-of-bounds read vulnerability. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2020-14314)\n\nIt was discovered that the block layer implementation in the Linux kernel\ndid not properly perform reference counting in some situations, leading to\na use-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2020-15436)\n\nIt was discovered that the serial port driver in the Linux kernel did not\nproperly initialize a pointer in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2020-15437)\n\nAndy Nguyen discovered that the Bluetooth HCI event packet parser in the\nLinux kernel did not properly handle event advertisements of certain sizes,\nleading to a heap-based buffer overflow. A physically proximate remote\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2020-24490)\n\nIt was discovered that the NFS client implementation in the Linux kernel\ndid not properly perform bounds checking before copying security labels in\nsome situations. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2020-25212)\n\nIt was discovered that the Rados block device (rbd) driver in the Linux\nkernel did not properly perform privilege checks for access to rbd devices\nin some situations. A local attacker could use this to map or unmap rbd\nblock devices. (CVE-2020-25284)\n\nIt was discovered that the block layer subsystem in the Linux kernel did\nnot properly handle zero-length requests. A local attacker could use this\nto cause a denial of service. (CVE-2020-25641)\n\nIt was discovered that the HDLC PPP implementation in the Linux kernel did\nnot properly validate input in some situations. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2020-25643)\n\nKiyin (尹亮) discovered that the perf subsystem in the Linux kernel did\nnot properly deallocate memory in some situations. A privileged attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2020-25704)\n\nIt was discovered that the KVM hypervisor in the Linux kernel did not\nproperly handle interrupts in certain situations. A local attacker in a\nguest VM could possibly use this to cause a denial of service (host system\ncrash). (CVE-2020-27152)\n\nIt was discovered that the jfs file system implementation in the Linux\nkernel contained an out-of-bounds read vulnerability. A local attacker\ncould use this to possibly cause a denial of service (system crash).\n(CVE-2020-27815)\n\nIt was discovered that an information leak existed in the syscall\nimplementation in the Linux kernel on 32 bit systems. A local attacker\ncould use this to expose sensitive information (kernel memory).\n(CVE-2020-28588)\n\nIt was discovered that the framebuffer implementation in the Linux kernel\ndid not properly perform range checks in certain situations. A local\nattacker could use this to expose sensitive information (kernel memory).\n(CVE-2020-28915)\n\nJann Horn discovered a race condition in the copy-on-write implementation\nin the Linux kernel when handling hugepages. A local attacker could use\nthis to gain unintended write access to read-only memory pages.\n(CVE-2020-29368)\n\nJann Horn discovered that the mmap implementation in the Linux kernel\ncontained a race condition when handling munmap() operations, leading to a\nread-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly expose sensitive information.\n(CVE-2020-29369)\n\nJann Horn discovered that the romfs file system in the Linux kernel did not\nproperly validate file system meta-data, leading to an out-of-bounds read.\nAn attacker could use this to construct a malicious romfs image that, when\nmounted, exposed sensitive information (kernel memory). (CVE-2020-29371)\n\nJann Horn discovered that the tty subsystem of the Linux kernel did not use\nconsistent locking in some situations, leading to a read-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly expose sensitive information (kernel memory).\n(CVE-2020-29660)\n\nJann Horn discovered a race condition in the tty subsystem of the Linux\nkernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-\nfree vulnerability. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2020-29661)\n\nIt was discovered that a race condition existed that caused the Linux\nkernel to not properly restrict exit signal delivery. A local attacker\ncould possibly use this to send signals to arbitrary processes.\n(CVE-2020-35508)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":15},"CVE-2020-10135",{"_key":17},"CVE-2020-14314",{"_key":19},"CVE-2020-15436",{"_key":21},"CVE-2020-15437",{"_key":23},"CVE-2020-24490",{"_key":25},"CVE-2020-25212",{"_key":27},"CVE-2020-25284",{"_key":29},"CVE-2020-25641",{"_key":31},"CVE-2020-25643",{"_key":33},"CVE-2020-25704",{"_key":35},"CVE-2020-27152",{"_key":37},"CVE-2020-27815",{"_key":39},"CVE-2020-28588",{"_key":41},"CVE-2020-28915",{"_key":43},"CVE-2020-29368",{"_key":45},"CVE-2020-29369",{"_key":47},"CVE-2020-29371",{"_key":49},"CVE-2020-29660",{"_key":51},"CVE-2020-29661",{"_key":53},"CVE-2020-35508",{"_key":55},"UBUNTU-CVE-2020-10135",{"_key":57},"UBUNTU-CVE-2020-14314",{"_key":59},"UBUNTU-CVE-2020-15436",{"_key":61},"UBUNTU-CVE-2020-15437",{"_key":63},"UBUNTU-CVE-2020-24490",{"_key":65},"UBUNTU-CVE-2020-25212",{"_key":67},"UBUNTU-CVE-2020-25284",{"_key":69},"UBUNTU-CVE-2020-25641",{"_key":71},"UBUNTU-CVE-2020-25643",{"_key":73},"UBUNTU-CVE-2020-25704",{"_key":75},"UBUNTU-CVE-2020-27152",{"_key":77},"UBUNTU-CVE-2020-27815",{"_key":79},"UBUNTU-CVE-2020-28588",{"_key":81},"UBUNTU-CVE-2020-28915",{"_key":83},"UBUNTU-CVE-2020-29368",{"_key":85},"UBUNTU-CVE-2020-29369",{"_key":87},"UBUNTU-CVE-2020-29371",{"_key":89},"UBUNTU-CVE-2020-29660",{"_key":91},"UBUNTU-CVE-2020-29661",{"_key":93},"UBUNTU-CVE-2020-35508",[],[],[97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116],{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},"2021-02-25T06:54:20Z","2026-06-03T14:03:57.617545013Z",{"cisa_kev":120,"cisa_ransomware":120,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[122,128,133,137,141,145,149,153,157,161,165,169,173,177,181,185,189,193,197,201,205],{"url":123,"sources":124,"tags":126},"https://ubuntu.com/security/notices/USN-4752-1",[125],"osv_ubuntu",[127],"Advisory",{"url":129,"sources":130,"tags":131},"https://ubuntu.com/security/CVE-2020-10135",[125],[132],"REPORT",{"url":134,"sources":135,"tags":136},"https://ubuntu.com/security/CVE-2020-14314",[125],[132],{"url":138,"sources":139,"tags":140},"https://ubuntu.com/security/CVE-2020-15436",[125],[132],{"url":142,"sources":143,"tags":144},"https://ubuntu.com/security/CVE-2020-15437",[125],[132],{"url":146,"sources":147,"tags":148},"https://ubuntu.com/security/CVE-2020-24490",[125],[132],{"url":150,"sources":151,"tags":152},"https://ubuntu.com/security/CVE-2020-25212",[125],[132],{"url":154,"sources":155,"tags":156},"https://ubuntu.com/security/CVE-2020-25284",[125],[132],{"url":158,"sources":159,"tags":160},"https://ubuntu.com/security/CVE-2020-25641",[125],[132],{"url":162,"sources":163,"tags":164},"https://ubuntu.com/security/CVE-2020-25643",[125],[132],{"url":166,"sources":167,"tags":168},"https://ubuntu.com/security/CVE-2020-25704",[125],[132],{"url":170,"sources":171,"tags":172},"https://ubuntu.com/security/CVE-2020-27152",[125],[132],{"url":174,"sources":175,"tags":176},"https://ubuntu.com/security/CVE-2020-27815",[125],[132],{"url":178,"sources":179,"tags":180},"https://ubuntu.com/security/CVE-2020-28588",[125],[132],{"url":182,"sources":183,"tags":184},"https://ubuntu.com/security/CVE-2020-28915",[125],[132],{"url":186,"sources":187,"tags":188},"https://ubuntu.com/security/CVE-2020-29368",[125],[132],{"url":190,"sources":191,"tags":192},"https://ubuntu.com/security/CVE-2020-29369",[125],[132],{"url":194,"sources":195,"tags":196},"https://ubuntu.com/security/CVE-2020-29371",[125],[132],{"url":198,"sources":199,"tags":200},"https://ubuntu.com/security/CVE-2020-29660",[125],[132],{"url":202,"sources":203,"tags":204},"https://ubuntu.com/security/CVE-2020-29661",[125],[132],{"url":206,"sources":207,"tags":208},"https://ubuntu.com/security/CVE-2020-35508",[125],[132],[],[],[],[213],{"ecosystem":214,"name":215,"vendor":216,"product":215,"cpe_part":9,"purl_type":217,"purl_namespace":216,"purl_name":215,"source":9,"versions":218},"Ubuntu","linux-oem-5.6","ubuntu","deb",[219],{"version":220,"is_range":221,"range_type":222,"version_start":9,"version_start_type":9,"version_end":223,"version_end_type":224,"fixed_in":9},"lt5_6_0_1048_52",true,"ecosystem","5.6.0-1048.52","excluding"]