CVE-2020-25639

CVSS v3.1 4.4 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.04 % (5^th)

Affected Products 5

Advisories 20

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2021-03-04 22:15:13
(3 years ago)
Updated Date: 2023-11-07 03:20:18
(10 months ago)

Affected Products

Fedoraproject

Fedora

Linux

Linux Kernel

Redhat

Configuration #1

		CPE23	From	Up To
	Linux Kernel 5.11.2 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 5.11.2

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 32	cpe:2.3:o:fedoraproject:fedora:32
	Fedoraproject Fedora 33	cpe:2.3:o:fedoraproject:fedora:33

Configuration #3

		CPE23	From	Up To
	Redhat Openshift Container Platform 4.4	cpe:2.3:a:redhat:openshift_container_platform:4.4
	Redhat Openshift Container Platform 4.5	cpe:2.3:a:redhat:openshift_container_platform:4.5
	Redhat Openshift Container Platform 4.6	cpe:2.3:a:redhat:openshift_container_platform:4.6
	Redhat Enterprise Linux 5.0	cpe:2.3:o:redhat:enterprise_linux:5.0
	Redhat Enterprise Linux 6.0	cpe:2.3:o:redhat:enterprise_linux:6.0
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0
	Redhat Messaging Realtime Grid 2.0	cpe:2.3:o:redhat:messaging_realtime_grid:2.0