CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
86.4%
The version of kernel installed on the remote host is prior to 4.14.192-147.314. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1480 advisory.
2024-06-19: CVE-2020-14356 was added to this advisory.
The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
(CVE-2017-18232)
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel can cause a NULL pointer dereference in xfs_bmapi_write function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a denial of service. (CVE-2018-10323)
The Linux kernel was found vulnerable to a NULL pointer dereference in the drivers/net/phy/mdio-bcm- unimac.c:unimac_mdio_probe() function caused by an unchecked return value from the platform_get_resource() function. A successful flaw exploitation can cause a system panic and a denial of service. This flaw is believed not to be an attacker triggerable as bad return value can be caused by hardware misconfiguration.
(CVE-2018-8043)
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. (CVE-2019-18808)
A flaw was found in the Linux kernel. The CX23888 Integrated Consumer Infrared Controller probe code handles resource cleanup low memory conditions. A local attacker able to induce low memory conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability. (CVE-2019-19054)
A memory leak flaw was found in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel. This flaw allows attackers to cause a denial of service. (CVE-2019-19061)
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. (CVE-2019-19073)
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
(CVE-2019-19074)
A flaw was found in the way Linux kernel's KVM hypervisor handled deferred TLB flush requests from guest.
A race condition may occur between the guest issuing a deferred TLB flush request to KVM, and then KVM handling and acknowledging it. This may result in invalid address translations from TLB being used to access guest memory, leading to a potential information leakage issue. An attacker may use this flaw to access guest memory locations that it should not have access to. (CVE-2019-3016)
In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check.
This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. (CVE-2019-9445)
A flaw was found in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device.
With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable. (CVE-2020-10781)
A flaw was discovered in the XFS source in the Linux kernel. This flaw allows an attacker with the ability to mount an XFS filesystem, to trigger a denial of service while attempting to sync a file located on an XFS v5 image with crafted metadata. (CVE-2020-12655)
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2020-14356)
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. (CVE-2020-15393)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1480.
#
include('compat.inc');
if (description)
{
script_id(139858);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/25");
script_cve_id(
"CVE-2017-18232",
"CVE-2018-8043",
"CVE-2018-10323",
"CVE-2019-3016",
"CVE-2019-9445",
"CVE-2019-18808",
"CVE-2019-19054",
"CVE-2019-19061",
"CVE-2019-19073",
"CVE-2019-19074",
"CVE-2020-10781",
"CVE-2020-12655",
"CVE-2020-14356",
"CVE-2020-15393"
);
script_bugtraq_id(103354, 103423);
script_xref(name:"ALAS", value:"2020-1480");
script_name(english:"Amazon Linux 2 : kernel (ALAS-2020-1480)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The version of kernel installed on the remote host is prior to 4.14.192-147.314. It is, therefore, affected by multiple
vulnerabilities as referenced in the ALAS2-2020-1480 advisory.
2024-06-19: CVE-2020-14356 was added to this advisory.
The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This
allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
(CVE-2017-18232)
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel can cause a NULL
pointer dereference in xfs_bmapi_write function. An attacker could trick a legitimate user or a privileged
attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a
denial of service. (CVE-2018-10323)
The Linux kernel was found vulnerable to a NULL pointer dereference in the drivers/net/phy/mdio-bcm-
unimac.c:unimac_mdio_probe() function caused by an unchecked return value from the platform_get_resource()
function. A successful flaw exploitation can cause a system panic and a denial of service. This flaw is
believed not to be an attacker triggerable as bad return value can be caused by hardware misconfiguration.
(CVE-2018-8043)
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to
send invalid SHA type commands, could cause the system to crash. The highest threat from this
vulnerability is to system availability. (CVE-2019-18808)
A flaw was found in the Linux kernel. The CX23888 Integrated Consumer Infrared Controller probe code
handles resource cleanup low memory conditions. A local attacker able to induce low memory conditions
could use this flaw to crash the system. The highest threat from this vulnerability is to system
availability. (CVE-2019-19054)
A memory leak flaw was found in the adis_update_scan_mode_burst() function in
drivers/iio/imu/adis_buffer.c in the Linux kernel. This flaw allows attackers to cause a denial of
service. (CVE-2019-19061)
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow
attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout()
failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the
htc_connect_service() function, aka CID-853acf7caf10. (CVE-2019-19073)
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel
through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
(CVE-2019-19074)
A flaw was found in the way Linux kernel's KVM hypervisor handled deferred TLB flush requests from guest.
A race condition may occur between the guest issuing a deferred TLB flush request to KVM, and then KVM
handling and acknowledging it. This may result in invalid address translations from TLB being used to
access guest memory, leading to a potential information leakage issue. An attacker may use this flaw to
access guest memory locations that it should not have access to. (CVE-2019-3016)
In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check.
This could lead to local information disclosure with system execution privileges needed. User interaction
is not needed for exploitation. (CVE-2019-9445)
A flaw was found in the ZRAM kernel module, where a user with a local account and the ability to read the
/sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read
allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device.
With this vulnerability, continually reading the device may consume a large amount of system memory and
cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making
the system inoperable. (CVE-2020-10781)
A flaw was discovered in the XFS source in the Linux kernel. This flaw allows an attacker with the ability
to mount an XFS filesystem, to trigger a denial of service while attempting to sync a file located on an
XFS v5 image with crafted metadata. (CVE-2020-12655)
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found
in the way when reboot the system. A local user could use this flaw to crash the system or escalate their
privileges on the system. (CVE-2020-14356)
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak,
aka CID-28ebeb8db770. (CVE-2020-15393)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2/ALAS-2020-1480.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2017-18232.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2018-10323.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2018-8043.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-18808.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-19054.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-19061.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-19073.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-19074.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-3016.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-9445.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2020-10781.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2020-12655.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2020-14356.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2020-15393.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"solution", value:
"Run 'yum update kernel' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14356");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/10");
script_set_attribute(attribute:"patch_publication_date", value:"2020/08/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.192-147.314");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("kpatch.nasl", "ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm.inc");
include("hotfixes.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
if (get_one_kb_item("Host/kpatch/kernel-cves"))
{
set_hotfix_type("kpatch");
var cve_list = make_list("CVE-2017-18232", "CVE-2018-8043", "CVE-2018-10323", "CVE-2019-3016", "CVE-2019-9445", "CVE-2019-18808", "CVE-2019-19054", "CVE-2019-19061", "CVE-2019-19073", "CVE-2019-19074", "CVE-2020-10781", "CVE-2020-12655", "CVE-2020-14356", "CVE-2020-15393");
if (hotfix_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, "kpatch hotfix for ALAS-2020-1480");
}
else
{
__rpm_report = hotfix_reporting_text();
}
}
var pkgs = [
{'reference':'kernel-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-common-aarch64-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-common-x86_64-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-4.14.192-147.314.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-livepatch-4.14.192-147.314-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-devel-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-devel-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-debuginfo-4.14.192-147.314.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-debuginfo-4.14.192-147.314.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18232
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10323
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19074
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9445
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14356
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15393
alas.aws.amazon.com/AL2/ALAS-2020-1480.html
alas.aws.amazon.com/cve/html/CVE-2017-18232.html
alas.aws.amazon.com/cve/html/CVE-2018-10323.html
alas.aws.amazon.com/cve/html/CVE-2018-8043.html
alas.aws.amazon.com/cve/html/CVE-2019-18808.html
alas.aws.amazon.com/cve/html/CVE-2019-19054.html
alas.aws.amazon.com/cve/html/CVE-2019-19061.html
alas.aws.amazon.com/cve/html/CVE-2019-19073.html
alas.aws.amazon.com/cve/html/CVE-2019-19074.html
alas.aws.amazon.com/cve/html/CVE-2019-3016.html
alas.aws.amazon.com/cve/html/CVE-2019-9445.html
alas.aws.amazon.com/cve/html/CVE-2020-10781.html
alas.aws.amazon.com/cve/html/CVE-2020-12655.html
alas.aws.amazon.com/cve/html/CVE-2020-14356.html
alas.aws.amazon.com/cve/html/CVE-2020-15393.html
alas.aws.amazon.com/faqs.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
86.4%