Extended Lifecycle Support CVE dashboard by TuxСare

CVEs Releases Projects

CVE-2020-25656

Updated: 2022-05-27 05:19:06.422796

Description:

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 1.9
CVSS Version 3.x MEDIUM 4.1

Status

OS name Project name Version Status Errata Last updated
Oracle Linux 6 ELS kernel 2.6.32 Released CLSA-2021:1634922728 2022-05-06 10:22:11.00073
Ubuntu 16.04 ELS linux 4.4.0 Not vulnerable 2022-04-01 12:49:31.599901