CVE-2020-10732
First published: Fri May 01 2020(Updated: )
A flaw was found in the Linux kernel implementation of userspace core dumps. This flaw allows anyone with access to core dumps to see a small amount of private kernel data about the current running kernels internal state which could be used to further allow an attack to more reliably execute. This information could be user processes or kernel state from previous executions. References: <a href="https://github.com/google/kmsan/issues/76">https://github.com/google/kmsan/issues/76</a> <a href="https://twitter.com/grsecurity/status/1252558055629299712">https://twitter.com/grsecurity/status/1252558055629299712</a> <a href="https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a">https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a</a>
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.rt56.1131.el7 | 0:3.10.0-1160.rt56.1131.el7 |
| redhat/kernel | <0:3.10.0-1160.el7 | 0:3.10.0-1160.el7 |
| redhat/kernel-rt | <0:4.18.0-240.rt7.54.el8 | 0:4.18.0-240.rt7.54.el8 |
| redhat/kernel | <0:4.18.0-240.el8 | 0:4.18.0-240.el8 |
| Linux Linux kernel | <3.16.85 | |
| Linux Linux kernel | >=4.4<4.4.226 | |
| Linux Linux kernel | >=4.9<4.9.226 | |
| Linux Linux kernel | >=4.14<4.14.183 | |
| Linux Linux kernel | >=4.19<4.19.126 | |
| Linux Linux kernel | >=5.4<5.4.44 | |
| Linux Linux kernel | >=5.6<5.6.16 | |
| openSUSE Leap | =15.1 | |
| openSUSE Leap | =15.2 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =20.04 | |
| Netapp Active Iq Unified Manager Vmware Vsphere | >=9.5 | |
| Netapp Hci Management Node | ||
| Netapp Solidfire | ||
| Netapp Steelstore Cloud Integrated Storage | ||
| Netapp Aff A700 Firmware | ||
| Netapp Aff A700 | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| Netapp H300e Firmware | ||
| Netapp H300e | ||
| Netapp H500e Firmware | ||
| Netapp H500e | ||
| Netapp H700e Firmware | ||
| Netapp H700e | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| Netapp Aff 8300 Firmware | ||
| Netapp Aff 8300 | ||
| Netapp Aff 8700 Firmware | ||
| Netapp Aff 8700 | ||
| Netapp Aff A400 Firmware | ||
| Netapp Aff A400 | ||
| Google Android | ||
| All of | ||
| Netapp Aff A700 Firmware | ||
| Netapp Aff A700 | ||
| All of | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| All of | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| All of | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| All of | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| All of | ||
| Netapp H300e Firmware | ||
| Netapp H300e | ||
| All of | ||
| Netapp H500e Firmware | ||
| Netapp H500e | ||
| All of | ||
| Netapp H700e Firmware | ||
| Netapp H700e | ||
| All of | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| All of | ||
| Netapp Aff 8300 Firmware | ||
| Netapp Aff 8300 | ||
| All of | ||
| Netapp Aff 8700 Firmware | ||
| Netapp Aff 8700 | ||
| All of | ||
| Netapp Aff A400 Firmware | ||
| Netapp Aff A400 | ||
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Remedy
Possible mitigation would be to disable core dumps system-wide by setting: * hard core 0 In the /etc/security/limits.conf file and restarting applications/services/processes which users may have access to or simply reboot the system. This disables core dumps which may not be a suitable workaround in your environment.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-10732 https://nvd.nist.gov/vuln/detail/CVE-2020-10732
- https://bugzilla.redhat.com/show_bug.cgi?id=1831399
- https://access.redhat.com/errata/RHSA-2020:4062
- https://access.redhat.com/errata/RHSA-2020:4060
- https://access.redhat.com/errata/RHSA-2020:4609
- https://access.redhat.com/errata/RHSA-2020:4431
- https://access.redhat.com/security/cve/cve-2020-10732
- https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=aca969cacf07f41070d788ce2b8ca71f09d5207d
- https://github.com/google/kmsan/issues/76
- https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a
- https://twitter.com/grsecurity/status/1252558055629299712
- https://usn.ubuntu.com/4411-1/
- https://usn.ubuntu.com/4427-1/
- https://usn.ubuntu.com/4439-1/
- https://usn.ubuntu.com/4440-1/
- https://usn.ubuntu.com/4485-1/
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732
- https://lore.kernel.org/lkml/CAG_fn=VZZ7yUxtOGzuTLkr7wmfXWtKK9BHHYawj=rt9XWnCYvg%40mail.gmail.com/
- https://security.netapp.com/advisory/ntap-20210129-0005/
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
- https://launchpad.net/bugs/cve/CVE-2020-10732
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1832059
- http://android.googlesource.com/kernel/common/+/1d605416fb7175e1adf094251466caa52093b413
- https://source.android.com/docs/security/bulletin/2021-01-01 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10732
- https://nvd.nist.gov/vuln/detail/CVE-2020-10732
- https://security-tracker.debian.org/tracker/CVE-2020-10732
- https://ubuntu.com/security/CVE-2020-10732
- https://www.openwall.com/lists/oss-security/2020/05/06/1
- https://git.kernel.org/linus/1d605416fb7175e1adf094251466caa52093b413
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-10732
- agent/author
- agent/severity
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/remedy
- agent/references
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- agent/last-modified-date
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- package-manager/redhat
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/4.4
- version/linux linux kernel/4.9
- version/linux linux kernel/4.14
- version/linux linux kernel/4.19
- version/linux linux kernel/5.4
- version/linux linux kernel/5.6
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.1
- version/opensuse leap/15.2
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/20.04
- vendor/netapp
- canonical/netapp active iq unified manager vmware vsphere
- version/netapp active iq unified manager vmware vsphere/9.5
- canonical/netapp hci management node
- canonical/netapp solidfire
- canonical/netapp steelstore cloud integrated storage
- canonical/netapp aff a700 firmware
- canonical/netapp aff a700
- canonical/netapp h410c firmware
- canonical/netapp h410c
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h300e firmware
- canonical/netapp h300e
- canonical/netapp h500e firmware
- canonical/netapp h500e
- canonical/netapp h700e firmware
- canonical/netapp h700e
- canonical/netapp h410s firmware
- canonical/netapp h410s
- canonical/netapp aff 8300 firmware
- canonical/netapp aff 8300
- canonical/netapp aff 8700 firmware
- canonical/netapp aff 8700
- canonical/netapp aff a400 firmware
- canonical/netapp aff a400
- vendor/google
- canonical/google android
- package-manager/debian