CVE-2020-25656

MEDIUM · EPSS 34.7%
Published Dec 2, 2020 (5y ago) · Modified Jun 17, 2026 (2w ago)
CVSS 3.1: 4.1 Medium

Description

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using the ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to gain out-of-bounds read access to memory. The highest threat from this vulnerability is to data confidentiality.

CVSS Details

Base Score: 4.1
Exploitability: 0.5
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Threat Intelligence

EPSS Exploit Probability: 34.7% percentile
Exploit & Patch Status: Public Exploit Known, Patch Available

Weaknesses 1

CWE-416 Use After Free (Memory Safety)

Affected Products 11

Vendor            Product               Version  Range
linux             linux_kernel          *        <5.10
linux             linux_kernel          5.10     any
redhat            enterprise_linux      7.0      any
redhat            enterprise_linux      8.0      any
debian            debian_linux          9.0      any
starwindsoftware  starwind_virtual_san  v8       any
starwindsoftware  starwind_virtual_san  v8       any
starwindsoftware  starwind_virtual_san  v8       any
starwindsoftware  starwind_virtual_san  v8       any
starwindsoftware  starwind_virtual_san  v8       any
starwindsoftware  starwind_virtual_san  v8       any

References 6

  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1888726
    Exploit, Issue Tracking, Patch, Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
    Mailing List, Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
    Mailing List, Third Party Advisory
  • lkml.org https://lkml.org/lkml/2020/10/16/84
    Exploit, Mailing List, Third Party Advisory
  • lkml.org https://lkml.org/lkml/2020/10/29/528
    Mailing List, Patch, Third Party Advisory
  • starwindsoftware.com https://www.starwindsoftware.com/security/sw-20210325-0006/
    Third Party Advisory

Remediation

  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1888726
    Exploit, Issue Tracking, Patch, Third Party Advisory
  • lkml.org https://lkml.org/lkml/2020/10/29/528
    Mailing List, Patch, Third Party Advisory