1. Home
  2. Vulnerabilities
  3. CVE-2020-10757

CVE-2020-10757

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 0.05 % (24th)
0.05% Progress
Affected Products 10
Advisories 46
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2020-06-09 13:15:10
(4 years ago)
Updated Date
2024-01-19 17:51:47
(8 months ago)

Affected Products

Canonical

Debian

Fedoraproject

Linux

Netapp

Opensuse

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel from 4.5 version and prior 4.9.227 version cpe:2.3:o:linux:linux_kernel >= 4.5 < 4.9.227
  Linux Kernel from 4.10 version and prior 4.14.184 version cpe:2.3:o:linux:linux_kernel >= 4.10 < 4.14.184
  Linux Kernel from 4.15 version and prior 4.19.127 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.127
  Linux Kernel from 4.20 version and prior 5.4.45 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.45
  Linux Kernel from 5.5 version and prior 5.6.17 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.6.17
  Linux Kernel from 5.7 version and prior 5.7.1 version cpe:2.3:o:linux:linux_kernel >= 5.7 < 5.7.1

Configuration #2

    CPE23 From Up To
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1

Configuration #3

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0
  Redhat Enterprise Mrg 2.0 cpe:2.3:o:redhat:enterprise_mrg:2.0

Configuration #4

    CPE23 From Up To
  Fedoraproject Fedora 31 cpe:2.3:o:fedoraproject:fedora:31

Configuration #5

    CPE23 From Up To
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0

Configuration #6

    CPE23 From Up To
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 20.04 cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts

Configuration #7

    CPE23 From Up To
  Netapp Active Iq Unified Manager for Vmware Vsphere cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere
  Netapp Cloud Backup cpe:2.3:a:netapp:cloud_backup:-
  Netapp Steelstore Cloud Integrated Storage cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-