Vulnerability Name: CVE-2020-25662 (CCN-191227)
Assigned: 2020-11-03
Published: 2020-11-03
Updated: 2023-02-12
Summary: A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
CVSS v3 Severity:
- 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
- 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
- 4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
- 4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
CVSS v2 Severity: 3.3 Low (CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N)
Vulnerability Type: CWE-665
Vulnerability Consequences: Obtain Information
References:
- Source: MITRE Type: CNA CVE-2020-25662
- Source: CCN Type: Red Hat Web site CVE-2020-12352
- Source: secalert@redhat.com Type: Mitigation, Vendor Advisory secalert@redhat.com
- Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com
- Source: CCN Type: Red Hat Bugzilla - Bug 1891484 (CVE-2020-25662) - CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression
- Source: secalert@redhat.com Type: Issue Tracking, Mitigation, Vendor Advisory secalert@redhat.com
- Source: XF Type: UNKNOWN redhat-cve202025662-info-disc(191227)
Vulnerable Configuration: Configuration RedHat 1: Configuration CCN 1: