CVE-2020-25704

CVSS v3.1 5.5 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.04 % (5^th)

Affected Products 6

Advisories 36

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.

Weaknesses

CWE-401: Missing Release of Memory after Effective Lifetime

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2020-12-02 01:15:12
(3 years ago)
Updated Date: 2022-10-25 16:30:04
(23 months ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Starwindsoftware

Configuration #1

	CPE23	Up To
Linux Kernel 5.9 and prior versions	cpe:2.3:o:linux:linux_kernel	<= 5.9
Linux Kernel 5.10 Rc1	cpe:2.3:o:linux:linux_kernel:5.10:rc1
Linux Kernel 5.10 Rc2	cpe:2.3:o:linux:linux_kernel:5.10:rc2

Configuration #2

		CPE23	From	Up To
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0

Configuration #3

		CPE23	From	Up To
	Starwindsoftware Command Center	cpe:2.3:a:starwindsoftware:command_center:-
	Starwindsoftware Starwind Hyperconverged Appliance	cpe:2.3:a:starwindsoftware:starwind_hyperconverged_appliance:-
	Starwindsoftware Starwind San & Nas V8r12	cpe:2.3:a:starwindsoftware:starwind_san_\%26_nas:v8r12
	Starwindsoftware Starwind Virtual San V8 Build14398	cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14398