Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

Low

Attack Vector

Local

0

CVE-2020-12114

Disclosure Date: May 04, 2020 •

CVE-2020-12114 CVSS v3 Base Score: 4.7

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

4.7 Medium

Impact Score:

3.6

Exploitability Score:

1

Vector:

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

High

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

linux

Products

linux kernel

Weaknesses

CWE-362

References

Canonical

CVE-2020-12114 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12114)

Advisory

https://security.netapp.com/advisory/ntap-20200608-0001

[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update (https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html)

[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update (https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html)

[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update (https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html)

DSA-4698 (https://www.debian.org/security/2020/dsa-4698)

DSA-4699 (https://www.debian.org/security/2020/dsa-4699)

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

USN-4388-1 (https://usn.ubuntu.com/4388-1)

USN-4392-1 (https://usn.ubuntu.com/4392-1)

USN-4389-1 (https://usn.ubuntu.com/4389-1)

USN-4387-1 (https://usn.ubuntu.com/4387-1)

USN-4390-1 (https://usn.ubuntu.com/4390-1)

USN-4391-1 (https://usn.ubuntu.com/4391-1)

https://security.netapp.com/advisory/ntap-20200608-0001/

USN-4388-1 (https://usn.ubuntu.com/4388-1/)

USN-4392-1 (https://usn.ubuntu.com/4392-1/)

USN-4389-1 (https://usn.ubuntu.com/4389-1/)

USN-4390-1 (https://usn.ubuntu.com/4390-1/)

USN-4387-1 (https://usn.ubuntu.com/4387-1/)

USN-4391-1 (https://usn.ubuntu.com/4391-1/)

Miscellaneous

http://www.openwall.com/lists/oss-security/2020/05/04/2

http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html

https://www.oracle.com/security-alerts/cpuApr2021.html

Rapid7

Technical Analysis

This site uses cookies for anonymized analytics. For more information or to change your cookie settings, view our Cookie Policy.