Vulnerability CVE-2020-29370

Vulnerability Name:

CVE-2020-29370 (CCN-179282)

Assigned:

2020-03-17

Published:

2020-03-17

Updated:

2022-10-19

Summary:

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.

CVSS v3 Severity:

7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-362

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2020-29370

Source: CCN
Type: Google Security Research Issue 2022
Linux: SLUB bulk alloc slowpath omits required TID increment

Source: MISC
Type: Exploit, Issue Tracking, Patch, Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=2022

Source: MISC
Type: Release Notes, Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.11

Source: XF
Type: UNKNOWN
linux-kernel-slubbulk-dos(179282)

Source: CCN
Type: Linux Kernel GIT Repository
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()

Source: MISC
Type: Patch, Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fd4d9c7d0c71866ec0c2825189ebd2ce35bd95b8

Source: CCN
Type: Packet Storm Security [04-10-2020]
Linux Omitted TID Increment

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20201218-0001/

Vulnerable Configuration:

Configuration 1:

cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* (Version < 5.5.11)

Configuration 2:

cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:solidfire_&_hci_management_node:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:solidfire,_enterprise_sds_&_hci_storage_node:-:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

AND

cpe:/h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:4.4.0:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.9:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.19:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.4:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8029	P	kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:8090	P	reiserfs-kmp-default-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7580	P	libbsd-devel-0.8.7-3.3.17 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7539	P	kernel-64kb-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7702	P	libxml2-2-2.10.3-150500.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:665	P	Security update for samba (Moderate)	2022-08-03
oval:org.opensuse.security:def:3381	P	tboot-20190704_1.9.10-1.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3448	P	busybox-1.21.1-3.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3453	P	clamav-0.101.3-1.19 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3567	P	libXtst6-1.2.2-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3398	P	wpa_supplicant-2.6-15.10.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95196	P	imobiledevice-tools-1.3.0+git.20210921-150400.1.15 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94590	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95197	P	kernel-default-extra-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95028	P	kernel-docs-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94493	P	apparmor-abstractions-3.0.4-150400.3.4 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95078	P	reiserfs-kmp-default-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2960	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94877	P	podman-3.4.4-150400.2.14 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95083	P	kernel-azure-5.14.21-150400.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:89	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:102349	P	Security update for the Linux Kernel (Important)	2022-04-13
oval:org.opensuse.security:def:101590	P	Security update for the Linux Kernel (Important)	2022-01-19
oval:org.opensuse.security:def:4468	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Important)	2021-08-17
oval:org.opensuse.security:def:101909	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:2013	P	reiserfs-kmp-default-5.3.18-57.3 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63102	P	reiserfs-kmp-default-5.3.18-57.3 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2036	P	kernel-azure-5.3.18-36.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63125	P	kernel-azure-5.3.18-36.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101206	P	libmp3lame-devel-3.100-1.33 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1018	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62107	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1930	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63019	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100865	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71848	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101277	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72738	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:102284	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:111206	P	Security update for RT kernel (Moderate)	2021-02-05
oval:org.opensuse.security:def:97173	P	Recommended update for RT kernel (Low)	2021-02-04
oval:org.opensuse.security:def:6444	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:117873	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:108575	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:67533	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:96843	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:8353	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:118615	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:70775	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:111338	P	Security update for the Linux Kernel (Important)	2021-01-14
oval:org.opensuse.security:def:64470	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:73592	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:102969	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:7070	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:95571	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:117938	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:108950	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:68159	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:10635	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:96163	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:119775	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:109519	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:117387	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:107872	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:65557	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:74625	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:95636	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:109015	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:5648	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:96297	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:109635	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:117770	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:108256	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:66737	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:75805	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:102853	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:95954	P	Security update for the Linux Kernel (Important)	2021-01-13
oval:org.opensuse.security:def:109333	P	Security update for the Linux Kernel (Important)	2021-01-13
oval:org.opensuse.security:def:102667	P	Security update for the Linux Kernel (Important)	2021-01-13
oval:org.opensuse.security:def:118424	P	Security update for the Linux Kernel (Important)	2021-01-13
oval:org.opensuse.security:def:68791	P	Security update for the Linux Kernel (Important)	2021-01-13
oval:org.opensuse.security:def:102625	P	Security update for the Linux Kernel (Moderate)	2021-01-12
oval:org.opensuse.security:def:118377	P	Security update for the Linux Kernel (Moderate)	2021-01-12
oval:org.opensuse.security:def:68669	P	Security update for the Linux Kernel (Moderate)	2021-01-12
oval:org.opensuse.security:def:97350	P	Security update for the Linux Kernel (Moderate)	2021-01-12
oval:org.opensuse.security:def:95912	P	Security update for the Linux Kernel (Moderate)	2021-01-12
oval:org.opensuse.security:def:109291	P	Security update for the Linux Kernel (Moderate)	2021-01-12

BACK