First published: Fri May 01 2020
A flaw was found in the Linux kernel's implementation of userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1160.rt56.1131.el7 | 0:3.10.0-1160.rt56.1131.el7 |
redhat/kernel | <0:3.10.0-1160.el7 | 0:3.10.0-1160.el7 |
redhat/kernel-rt | <0:4.18.0-240.rt7.54.el8 | 0:4.18.0-240.rt7.54.el8 |
redhat/kernel | <0:4.18.0-240.el8 | 0:4.18.0-240.el8 |
Google Android | ||
ubuntu/linux | <4.15.0-115.116 | 4.15.0-115.116 |
ubuntu/linux | <5.4.0-40.44 | 5.4.0-40.44 |
ubuntu/linux | <5.7 | 5.7 |
ubuntu/linux | <4.4.0-186.216 | 4.4.0-186.216 |
ubuntu/linux-aws | <4.15.0-1080.84 | 4.15.0-1080.84 |
ubuntu/linux-aws | <5.4.0-1018.18 | 5.4.0-1018.18 |
ubuntu/linux-aws | <4.4.0-1075.79 | 4.4.0-1075.79 |
ubuntu/linux-aws | <5.7 | 5.7 |
ubuntu/linux-aws | <4.4.0-1111.123 | 4.4.0-1111.123 |
ubuntu/linux-aws-5.0 | <5.7 | 5.7 |
ubuntu/linux-aws-5.3 | <5.3.0-1032.34~18.04.2 | 5.3.0-1032.34~18.04.2 |
ubuntu/linux-aws-5.3 | <5.7 | 5.7 |
ubuntu/linux-aws-5.4 | <5.7 | 5.7 |
ubuntu/linux-aws-hwe | <5.7 | 5.7 |
ubuntu/linux-aws-hwe | <4.15.0-1080.84~16.04.1 | 4.15.0-1080.84~16.04.1 |
ubuntu/linux-azure | <5.4.0-1020.20 | 5.4.0-1020.20 |
ubuntu/linux-azure | <4.15.0-1093.103~14.04.1 | 4.15.0-1093.103~14.04.1 |
ubuntu/linux-azure | <5.7 | 5.7 |
ubuntu/linux-azure | <4.15.0-1093.103~16.04.1 | 4.15.0-1093.103~16.04.1 |
ubuntu/linux-azure-4.15 | <4.15.0-1093.103 | 4.15.0-1093.103 |
ubuntu/linux-azure-4.15 | <5.7 | 5.7 |
ubuntu/linux-azure-5.3 | <5.3.0-1034.35~18.04.1 | 5.3.0-1034.35~18.04.1 |
ubuntu/linux-azure-5.3 | <5.7 | 5.7 |
ubuntu/linux-azure-5.4 | <5.7 | 5.7 |
ubuntu/linux-azure-edge | <5.7 | 5.7 |
ubuntu/linux-gcp | <5.4.0-1019.19 | 5.4.0-1019.19 |
ubuntu/linux-gcp | <5.7 | 5.7 |
ubuntu/linux-gcp | <4.15.0-1081.92~16.04.1 | 4.15.0-1081.92~16.04.1 |
ubuntu/linux-gcp-4.15 | <4.15.0-1081.92 | 4.15.0-1081.92 |
ubuntu/linux-gcp-4.15 | <5.7 | 5.7 |
ubuntu/linux-gcp-5.3 | <5.3.0-1032.34~18.04.1 | 5.3.0-1032.34~18.04.1 |
ubuntu/linux-gcp-5.3 | <5.7 | 5.7 |
ubuntu/linux-gcp-edge | <5.7 | 5.7 |
ubuntu/linux-gke-4.15 | <4.15.0-1067.70 | 4.15.0-1067.70 |
ubuntu/linux-gke-4.15 | <5.7 | 5.7 |
ubuntu/linux-gke-5.0 | <5.0.0-1045.46 | 5.0.0-1045.46 |
ubuntu/linux-gke-5.0 | <5.7 | 5.7 |
ubuntu/linux-gke-5.3 | <5.3.0-1032.34~18.04.1 | 5.3.0-1032.34~18.04.1 |
ubuntu/linux-gke-5.3 | <5.7 | 5.7 |
ubuntu/linux-hwe | <5.3.0-64.58~18.04.1 | 5.3.0-64.58~18.04.1 |
ubuntu/linux-hwe | <5.7 | 5.7 |
ubuntu/linux-hwe | <4.15.0-115.116~16.04.1 | 4.15.0-115.116~16.04.1 |
ubuntu/linux-hwe-5.4 | <5.4.0-40.44~18.04.1 | 5.4.0-40.44~18.04.1 |
ubuntu/linux-hwe-5.4 | <5.7 | 5.7 |
ubuntu/linux-hwe-edge | <5.7 | 5.7 |
ubuntu/linux-kvm | <4.15.0-1072.73 | 4.15.0-1072.73 |
ubuntu/linux-kvm | <5.4.0-1018.18 | 5.4.0-1018.18 |
ubuntu/linux-kvm | <5.7 | 5.7 |
ubuntu/linux-kvm | <4.4.0-1077.84 | 4.4.0-1077.84 |
ubuntu/linux-lts-trusty | <5.7 | 5.7 |
ubuntu/linux-lts-xenial | <4.4.0-186.216~14.04.1 | 4.4.0-186.216~14.04.1 |
ubuntu/linux-lts-xenial | <5.7 | 5.7 |
ubuntu/linux-oem | <4.15.0-1094.104 | 4.15.0-1094.104 |
ubuntu/linux-oem | <5.7 | 5.7 |
ubuntu/linux-oem-5.6 | <5.6.0-1018.18 | 5.6.0-1018.18 |
ubuntu/linux-oem-5.6 | <5.7 | 5.7 |
ubuntu/linux-oem-osp1 | <5.0.0-1065.70 | 5.0.0-1065.70 |
ubuntu/linux-oem-osp1 | <5.7 | 5.7 |
ubuntu/linux-oracle | <4.15.0-1051.55 | 4.15.0-1051.55 |
ubuntu/linux-oracle | <5.4.0-1019.19 | 5.4.0-1019.19 |
ubuntu/linux-oracle | <5.7 | 5.7 |
ubuntu/linux-oracle | <4.15.0-1051.55~16.04.1 | 4.15.0-1051.55~16.04.1 |
ubuntu/linux-oracle-5.0 | <5.7 | 5.7 |
ubuntu/linux-oracle-5.3 | <5.3.0-1030.32~18.04.1 | 5.3.0-1030.32~18.04.1 |
ubuntu/linux-oracle-5.3 | <5.7 | 5.7 |
ubuntu/linux-raspi | <5.4.0-1013.13 | 5.4.0-1013.13 |
ubuntu/linux-raspi | <5.7 | 5.7 |
ubuntu/linux-raspi-5.4 | <5.7 | 5.7 |
ubuntu/linux-raspi2 | <4.15.0-1068.72 | 4.15.0-1068.72 |
ubuntu/linux-raspi2 | <5.7 | 5.7 |
ubuntu/linux-raspi2 | <4.4.0-1136.145 | 4.4.0-1136.145 |
ubuntu/linux-raspi2-5.3 | <5.3.0-1030.32~18.04.2 | 5.3.0-1030.32~18.04.2 |
ubuntu/linux-raspi2-5.3 | <5.7 | 5.7 |
ubuntu/linux-riscv | <5.4.0-28.32 | 5.4.0-28.32 |
ubuntu/linux-riscv | <5.7 | 5.7 |
ubuntu/linux-snapdragon | <4.15.0-1084.92 | 4.15.0-1084.92 |
ubuntu/linux-snapdragon | <5.7 | 5.7 |
ubuntu/linux-snapdragon | <4.4.0-1140.148 | 4.4.0-1140.148 |
Linux Linux kernel | <3.16.85 | |
Linux Linux kernel | >=4.4<4.4.226 | |
Linux Linux kernel | >=4.9<4.9.226 | |
Linux Linux kernel | >=4.14<4.14.183 | |
Linux Linux kernel | >=4.19<4.19.126 | |
Linux Linux kernel | >=5.4<5.4.44 | |
Linux Linux kernel | >=5.6<5.6.16 | |
openSUSE Leap | =15.1 | |
openSUSE Leap | =15.2 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =20.04 | |
Netapp Active Iq Unified Manager Vmware Vsphere | >=9.5 | |
Netapp Hci Management Node | ||
Netapp Solidfire | ||
Netapp Steelstore Cloud Integrated Storage | ||
All of | ||
Netapp Aff A700 Firmware | ||
Netapp Aff A700 | ||
All of | ||
Netapp H410c Firmware | ||
Netapp H410c | ||
All of | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
All of | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
All of | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
All of | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
All of | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
All of | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
All of | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
All of | ||
Netapp Aff 8300 Firmware | ||
Netapp Aff 8300 | ||
All of | ||
Netapp Aff 8700 Firmware | ||
Netapp Aff 8700 | ||
All of | ||
Netapp Aff A400 Firmware | ||
Netapp Aff A400 | ||
debian/linux | 4.19.249-2 4.19.304-1 5.10.209-2 5.10.216-1 6.1.76-1 6.1.90-1 6.7.12-1 6.8.9-1 |
A possible mitigation is to disable core dumps system-wide by setting:

    * hard core 0

in the /etc/security/limits.conf file, and then restarting the applications, services and processes that users may have access to, or simply rebooting the system. This disables core dumps entirely, which may not be a suitable workaround in your environment.
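One way to check that the mitigation above is actually in effect, as an added example that is not part of the original advisory: the hypothetical `audit_core_limit` function below scans limits.conf-style files for hard `core` entries and succeeds only when a wildcard entry sets the limit to 0 and no other entry raises it again. The sample file is constructed for illustration.

```shell
#!/bin/sh
# audit_core_limit FILE...   (hypothetical helper, added for illustration)
# Prints every uncommented hard "core" entry and returns 0 only when a
# wildcard (*) entry sets the limit to 0 and no entry sets a non-zero value.
# Type "-" is treated like "hard" because it sets both soft and hard limits.
audit_core_limit() {
    awk '
        { sub(/#.*/, "") }   # drop comments; awk re-splits the fields
        NF == 4 && $3 == "core" && ($2 == "hard" || $2 == "-") {
            printf "%s:%d: domain=%s value=%s\n", FILENAME, FNR, $1, $4
            if ($1 == "*" && $4 == "0") wildcard_zero = 1
            else if ($4 != "0") raised = 1
        }
        END { rc = (wildcard_zero && !raised) ? 0 : 1; exit rc }
    ' "$@"
}

# Constructed sample input, not taken from a real system.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# limits.conf-style entries: <domain> <type> <item> <value>
*        soft  core  0
*        hard  core  0
@devs    hard  core  unlimited   # re-enables core dumps for one group
EOF

if audit_core_limit "$sample"; then
    echo "mitigation in place"
else
    echo "mitigation NOT in place: a hard core limit is missing or raised"
fi
rm -f "$sample"
```

On a real host, pass `/etc/security/limits.conf` together with any `/etc/security/limits.d/*.conf` files, since entries there can override the main file.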