Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeroneJordyzomerH1:891846
HistoryJun 05, 2020 - 11:12 a.m.

Internet Bug Bounty: CVE-2020-9383 Floppy OOB read

2020-06-0511:12:27
jordyzomer
hackerone.com
$750
51

EPSS

0

Percentile

14.2%

JSON

A vulnerability was found in Linux Kernel up to 5.5.6 (Operating System) and classified as critical. Affected by this issue is the function set_fdc of the file drivers/block/floppy.c. The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds). Using CWE to declare the problem leads to CWE-125. Impacted is confidentiality, integrity, and availability.

The weakness was disclosed 02/25/2020 by Jordy Zomer (GitHub Repository). The advisory is shared for download at github.com. This vulnerability is handled as CVE-2020-9383 since 02/24/2020. The attack needs to be approached locally.

References:

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html
https://github.com/torvalds/linux/commit/2e90ca68b0d2f5548804f22f0dd61145516171e3
https://security.netapp.com/advisory/ntap-20200313-0003/

Impact

A local attacker could use this to cause a denial of service (system crash) or expose sensitive information.

Related

debiancve 1
f5 1
ibm 4
ubuntucve 1
cve 1
redhatcve 1
prion 1
osv 4
cbl_mariner 1
cvelist 1
nvd 1
archlinux 1
nessus 44
openvas 29
suse 1
ubuntu 4
mageia 2
oraclelinux 4
cloudfoundry 1
redhat 3
slackware 1
debian 5
centos 1
debiancve
debiancve
CVE-2020-9383
2020-02-25 16:15:11
f5
f5
K68024700 : Linux kernel vulnerability CVE-2020-9383
2020-03-30 00:00:00
ibm
ibm
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2020-09-23 12:32:47
Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus
2020-04-01 00:35:26
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in kernel.
2022-07-07 11:14:38
ubuntucve
ubuntucve
CVE-2020-9383
2020-02-25 00:00:00
cve
cve
CVE-2020-9383
2020-02-25 16:15:11
redhatcve
redhatcve
CVE-2020-9383
2020-04-08 22:25:53
prion
prion
Out-of-bounds
2020-02-25 16:15:00
osv
osv
CVE-2020-9383
2020-02-25 16:15:11
linux - security update
2020-06-09 00:00:00
linux-4.9 - security update
2020-06-09 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-9383 affecting package kernel 5.4.91-6
2021-04-06 23:51:14
cvelist
cvelist
CVE-2020-9383
2020-02-25 15:48:11
nvd
nvd
CVE-2020-9383
2020-02-25 16:15:11
archlinux
archlinux
[ASA-202003-6] linux: multiple issues
2020-03-08 00:00:00
nessus
nessus
openSUSE Security Update : the Linux Kernel (openSUSE-2020-388)
2020-03-30 00:00:00
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:0836-1)
2020-04-02 00:00:00
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4346-1)
2020-04-29 00:00:00
openvas
openvas
openSUSE: Security Advisory for the (openSUSE-SU-2020:0388-1)
2020-03-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0836-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-4346-1)
2020-04-29 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2020-03-27 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-04-29 00:00:00
Linux kernel vulnerabilities
2020-04-28 00:00:00
Linux kernel vulnerabilities
2020-04-30 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2020-03-14 02:19:55
Updated kernel-linus packages fix security vulnerabilities
2020-04-04 01:53:32
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-04-27 00:00:00
Unbreakable Enterprise kernel security update
2020-05-11 00:00:00
Unbreakable Enterprise kernel security update
2020-05-06 00:00:00
cloudfoundry
cloudfoundry
USN-4345-1: Linux kernel vulnerabilities | Cloud Foundry
2020-05-14 00:00:00
redhat
redhat
(RHSA-2020:2104) Important: kernel-alt security and bug fix update
2020-05-12 12:52:19
(RHSA-2020:4060) Important: kernel security, bug fix, and enhancement update
2020-09-29 18:42:12
(RHSA-2020:4062) Important: kernel-rt security and bug fix update
2020-09-29 18:41:41
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-03-26 23:13:28
debian
debian
[SECURITY] [DSA 4698-1] linux security update
2020-06-09 19:44:16
[SECURITY] [DLA 2242-1] linux-4.9 security update
2020-06-10 10:48:38
[SECURITY] [DSA 4698-1] linux security update
2020-06-09 19:44:16
centos
centos
bpftool, kernel, perf, python security update
2020-10-20 18:20:15

EPSS

0

Percentile

14.2%

JSON
Related for H1:891846
debiancve1f51ibm4ubuntucve1cve1redhatcve1prion1osv4cbl_mariner1cvelist1nvd1archlinux1nessus44openvas29suse1ubuntu4mageia2oraclelinux4cloudfoundry1redhat3slackware1debian5centos1