CVE-2020-10690 — MEDIUM (6.5)

Q: How severe is CVE-2020-10690?

CVE-2020-10690 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-10690?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux, Debian Debian Linux, Canonical Ubuntu Linux, Opensuse Leap.

Vulnerability Description

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	< 5.5
Redhat	Enterprise Linux	7.0
Debian	Debian Linux	8.0
Canonical	Ubuntu Linux	14.04
Opensuse	Leap	15.1
Netapp	Active Iq Unified Manager	-
Netapp	Element Software	-
Netapp	Hci Management Node	-
Netapp	Solidfire	-
Netapp	Steelstore Cloud Integrated Storage	-
Netapp	Hci Compute Node	-
Netapp	H300S Firmware	-
Netapp	H300S	-
Netapp	H500S Firmware	-
Netapp	H500S	-
Netapp	H700S Firmware	-
Netapp	H700S	-
Netapp	H300E Firmware	-
Netapp	H300E	-
Netapp	H500E Firmware	-

Related Weaknesses (CWE)

CWE-416

References

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlMailing ListThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690Issue TrackingPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
https://usn.ubuntu.com/4419-1/Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlMailing ListThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690Issue TrackingPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
https://usn.ubuntu.com/4419-1/Third Party Advisory

FAQ

What is CVE-2020-10690?

CVE-2020-10690 is a vulnerability with a CVSS score of 6.5 (MEDIUM). There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp ...

How severe is CVE-2020-10690?

CVE-2020-10690 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-10690?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux, Debian Debian Linux, Canonical Ubuntu Linux, Opensuse Leap.