CVE-2020-10732 : A flaw was found in the Linux kernel's implementation of Userspace core dumps. T

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

Published 2020-06-12 14:15:11

Updated 2023-06-06 13:46:20

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2020-10732

Linux » Linux Kernel
Versions from including (>=) 5.6 and before (<) 5.6.16
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.9 and before (<) 4.9.226
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.19 and before (<) 4.19.126
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.14 and before (<) 4.14.183
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.4 and before (<) 5.4.44
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 3.16.85
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.4 and before (<) 4.4.226
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 20.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
Matching versions
Opensuse » Leap » Version: 15.1
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 15.2
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Matching versions
Netapp » Steelstore Cloud Integrated Storage » Version: N/A
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
Matching versions
Netapp » Hci Management Node » Version: N/A
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
Matching versions
Netapp » Solidfire » Version: N/A
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Matching versions
Netapp » Active Iq Unified Manager » For Vmware Vsphere
Versions from including (>=) 9.5
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
Matching versions
Netapp » Aff A400 Firmware » Version: N/A
cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Aff A400 » Version: N/A
Netapp » Aff A700 Firmware » Version: N/A
cpe:2.3:o:netapp:aff_a700_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Aff A700 » Version: N/A
Netapp » H410c Firmware » Version: N/A
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H410c » Version: N/A
Netapp » H300s Firmware » Version: N/A
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H300s » Version: N/A
Netapp » H500s Firmware » Version: N/A
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H500s » Version: N/A
Netapp » H700s Firmware » Version: N/A
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H700s » Version: N/A
Netapp » H300e Firmware » Version: N/A
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H300e » Version: N/A
Netapp » H500e Firmware » Version: N/A
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H500e » Version: N/A
Netapp » H700e Firmware » Version: N/A
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H700e » Version: N/A
Netapp » H410s Firmware » Version: N/A
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H410s » Version: N/A
Netapp » Aff 8300 Firmware » Version: N/A
cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Aff 8300 » Version: N/A
Netapp » Aff 8700 Firmware » Version: N/A
cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Aff 8700 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-10732

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 22 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-10732

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.6	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:P	3.9	4.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial
4.4	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L	1.8	2.5	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: Low
3.3	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	1.8	1.4	Red Hat, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2020-10732

CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.
Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)

References for CVE-2020-10732

https://usn.ubuntu.com/4411-1/

USN-4411-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu
Third Party Advisory

CVEs referencing this url
https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a

fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() · ruscur/linux@a95cdec · GitHub
Patch;Third Party Advisory
https://usn.ubuntu.com/4427-1/

USN-4427-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

[security-announce] openSUSE-SU-2020:0801-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://github.com/google/kmsan/issues/76

BUG: KMSAN: uninit-value in kmsan_handle_dma · Issue #76 · google/kmsan · GitHub
Issue Tracking;Third Party Advisory
https://lore.kernel.org/lkml/CAG_fn=VZZ7yUxtOGzuTLkr7wmfXWtKK9BHHYawj=rt9XWnCYvg%40mail.gmail.com/

Re: [PATCH] fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() - Alexander Potapenko
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

[security-announce] openSUSE-SU-2020:0935-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732

1831399 – (CVE-2020-10732) CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps
Issue Tracking;Patch;Third Party Advisory
https://usn.ubuntu.com/4439-1/

USN-4439-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu
Third Party Advisory

CVEs referencing this url
https://twitter.com/grsecurity/status/1252558055629299712

grsecurity on Twitter: "Did you know the Linux kernel's been leaking uninitialized data (KASLR defeat) through coredumps for over a decade, and someone's custom syzkaller instance finally noticed it?
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=aca969cacf07f41070d788ce2b8ca71f09d5207d

kernel/git/next/linux-next.git - The linux-next integration testing tree
Patch;Vendor Advisory
https://usn.ubuntu.com/4440-1/

USN-4440-1: linux kernel vulnerabilities | Ubuntu security notices | Ubuntu
Third Party Advisory

CVEs referencing this url
https://usn.ubuntu.com/4485-1/

USN-4485-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu
Third Party Advisory

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20210129-0005/

CVE-2020-10732 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory

Jump to

Vulnerability Details : CVE-2020-10732

Products affected by CVE-2020-10732

Exploit prediction scoring system (EPSS) score for CVE-2020-10732

CVSS scores for CVE-2020-10732

CWE ids for CVE-2020-10732

References for CVE-2020-10732