Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-4626-1
HistoryNov 11, 2020 - 12:00 a.m.

Linux kernel vulnerabilities

2020-11-1100:00:00
ubuntu.com
125

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Releases

  • Ubuntu 20.10

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-raspi - Linux kernel for Raspberry Pi (V8) systems

Details

Simon Scannell discovered that the bpf verifier in the Linux kernel did not
properly calculate register bounds for certain operations. A local attacker
could use this to expose sensitive information (kernel memory) or gain
administrative privileges. (CVE-2020-27194)

Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine
Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running
Average Power Limit (RAPL) driver in the Linux kernel did not properly
restrict access to power data. A local attacker could possibly use this to
expose sensitive information. (CVE-2020-8694)

Related

nessus 48
openvas 26
cbl_mariner 1
cvelist 2
nvd 2
prion 2
hackerone 1
cve 2
debiancve 2
ubuntucve 2
veracode 2
redhatcve 2
githubexploit 2
sonarsource 1
cloudfoundry 1
osv 6
ubuntu 1
alpinelinux 1
archlinux 1
oraclelinux 13
intel 1
lenovo 3
f5 1
threatpost 1
github 2
mageia 3
ics 1
photon 7
suse 3
amazon 3
debian 2
hp 1
nessus
nessus
Ubuntu 20.10 : Linux kernel vulnerabilities (USN-4626-1)
2020-11-11 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Linux kernel vulnerability (USN-4627-1)
2020-11-11 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2020-5924)
2020-11-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4626-1)
2020-11-11 00:00:00
Ubuntu: Security Advisory (USN-4627-1)
2020-11-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3273-1)
2021-11-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-27194 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
cvelist
cvelist
CVE-2020-27194
2020-10-16 20:02:56
CVE-2020-8694
2020-11-12 18:03:34
nvd
nvd
CVE-2020-27194
2020-10-16 21:15:14
CVE-2020-8694
2020-11-12 18:15:16
prion
prion
Out-of-bounds
2020-10-16 21:15:00
Improper access control
2020-11-12 18:15:00
hackerone
hackerone
Internet Bug Bounty: [CVE-2020-27194] Linux kernel: eBPF verifier bug in `or` binary operation tracking function leads to LPE
2020-10-16 20:23:55
cve
cve
CVE-2020-27194
2020-10-16 21:15:14
CVE-2020-8694
2020-11-12 18:15:16
debiancve
debiancve
CVE-2020-27194
2020-10-16 21:15:14
CVE-2020-8694
2020-11-12 18:15:16
ubuntucve
ubuntucve
CVE-2020-27194
2020-10-16 00:00:00
CVE-2020-8694
2020-11-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-11-16 04:56:19
Information Disclosure
2020-11-16 04:59:24
redhatcve
redhatcve
CVE-2020-27194
2020-10-19 18:45:34
CVE-2020-8694
2020-11-10 19:52:55
githubexploit
githubexploit
Exploit for Incorrect Conversion between Numeric Types in Linux Linux Kernel
2020-11-04 12:02:34
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux Linux Kernel
2020-11-09 11:58:34
sonarsource
sonarsource
Vulnerability Research Highlights 2021
2022-01-06 00:00:00
cloudfoundry
cloudfoundry
USN-4627-1: Linux kernel vulnerability | Cloud Foundry
2020-12-11 00:00:00
osv
osv
linux, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke-4.15, linux-gke-5.3, linux-hwe, linux-hwe-5.4, linux-oem, linux-oem-osp1, linux-oracle, linux-oracle-5.4 vulnerability
2020-11-11 02:30:24
CVE-2020-8694
2020-11-12 18:15:16
containerd allows RAPL to be accessible to a container
2023-12-19 21:17:06
ubuntu
ubuntu
Linux kernel vulnerability
2020-11-11 00:00:00
alpinelinux
alpinelinux
CVE-2020-8694
2020-11-12 18:15:16
archlinux
archlinux
[ASA-202011-10] linux-hardened: multiple issues
2020-11-10 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-11-10 00:00:00
microcode_ctl security, bug fix and enhancement update
2020-11-17 00:00:00
microcode_ctl security, bug fix, and enhancement update
2020-11-17 00:00:00
intel
intel
2020.2 IPU - Intel® RAPL Interface Advisory
2021-05-11 00:00:00
lenovo
lenovo
Intel RAPL Interface Advisory - Lenovo Support NL
2020-11-04 15:35:53
Intel RAPL Interface Advisory - Lenovo Support US
2020-11-04 15:35:53
Multi-vendor BIOS Security Vulnerabilities (November 2020) - Lenovo Support NL
2020-11-04 15:47:25
f5
f5
K32512431 : Linux kernel vulnerabilities CVE-2020-8694 and CVE-2020-8695
2020-11-24 00:00:00
threatpost
threatpost
Nvidia Warns Windows Gamers of GeForce NOW Flaw
2020-11-11 19:03:15
github
github
containerd allows RAPL to be accessible to a container
2023-12-19 21:17:06
/sys/devices/virtual/powercap accessible by default to containers
2023-10-30 15:25:44
mageia
mageia
Updated microcode package fixes security vulnerabilities
2020-11-14 00:20:36
Updated kernel-linus packages fix security vulnerabilities
2021-01-15 15:31:01
Updated kernel packages fix security vulnerabilities
2021-01-15 15:31:01
ics
ics
Siemens Industrial PCs and CNC devices (Update A)
2022-12-15 12:00:00
photon
photon
Important Photon OS Security Update - PHSA-2020-0163
2020-11-19 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0163
2020-11-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0295
2020-11-12 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2020-11-13 00:00:00
Security update for the Linux Kernel (important)
2020-11-29 00:00:00
Security update for RT kernel (moderate)
2021-02-05 00:00:00
amazon
amazon
Medium: kernel
2020-12-16 20:31:00
Important: kernel
2020-12-08 20:55:00
Medium: kernel
2021-01-12 22:51:00
debian
debian
[SECURITY] [DLA 2494-1] linux security update
2020-12-18 12:14:03
[SECURITY] [DLA 2483-1] linux-4.19 security update
2020-12-10 11:11:34
hp
hp
HPSBHF03705 rev. 6 - BIOS November 2020 Security Updates
2020-11-09 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for USN-4626-1
nessus48openvas26cbl_mariner1cvelist2nvd2prion2hackerone1cve2debiancve2ubuntucve2veracode2redhatcve2githubexploit2sonarsource1cloudfoundry1osv6ubuntu1alpinelinux1archlinux1oraclelinux13intel1lenovo3f51threatpost1github2mageia3ics1photon7suse3amazon3debian2hp1