CVE-2020-15780
First published: Mon Jun 15 2020(Updated: )
A flaw was found in how the ACPI table loading through acpi_configfs was handled when the kernel was locked down. This flaw allows a (root) privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-193.14.3.rt13.67.el8_2 | 0:4.18.0-193.14.3.rt13.67.el8_2 |
| redhat/kernel | <0:4.18.0-193.14.3.el8_2 | 0:4.18.0-193.14.3.el8_2 |
| redhat/kernel | <0:4.18.0-80.27.2.el8_0 | 0:4.18.0-80.27.2.el8_0 |
| redhat/kernel | <0:4.18.0-147.24.2.el8_1 | 0:4.18.0-147.24.2.el8_1 |
| Linux Kernel | <5.7.7 | |
| SUSE Linux | =15.1 | |
| SUSE Linux | =15.2 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =20.04 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.17-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-15780 https://nvd.nist.gov/vuln/detail/CVE-2020-15780 https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh https://www.openwall.com/lists/oss-security/2020/06/15/3
- https://bugzilla.redhat.com/show_bug.cgi?id=1852962
- https://access.redhat.com/errata/RHSA-2020:3219
- https://access.redhat.com/errata/RHSA-2020:3218
- https://access.redhat.com/errata/RHSA-2020:3228
- https://access.redhat.com/errata/RHSA-2020:3222
- https://access.redhat.com/security/cve/cve-2020-15780
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html
- http://www.openwall.com/lists/oss-security/2020/07/20/7
- http://www.openwall.com/lists/oss-security/2020/07/29/3
- http://www.openwall.com/lists/oss-security/2020/07/30/2
- http://www.openwall.com/lists/oss-security/2020/07/30/3
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354
- https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh
- https://usn.ubuntu.com/4425-1/
- https://usn.ubuntu.com/4426-1/
- https://usn.ubuntu.com/4439-1/
- https://usn.ubuntu.com/4440-1/
- https://www.openwall.com/lists/oss-security/2020/06/15/3
- https://launchpad.net/bugs/cve/CVE-2020-15780
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1852963
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1857894
- https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354
- https://security-tracker.debian.org/tracker/CVE-2020-15780
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15780
- https://nvd.nist.gov/vuln/detail/CVE-2020-15780
- https://ubuntu.com/security/CVE-2020-15780
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2020-15780?
CVE-2020-15780 has a high severity rating, primarily affecting data confidentiality and integrity.
How do I fix CVE-2020-15780?
To mitigate CVE-2020-15780, update your kernel to the remedied versions provided by your Linux distribution.
What are the affected systems for CVE-2020-15780?
CVE-2020-15780 affects several Linux kernel versions including Red Hat, OpenSUSE, and Ubuntu systems.
Who is at risk with CVE-2020-15780?
Local users with root privileges are at risk of circumventing kernel lockdown restrictions due to CVE-2020-15780.
Is there a workaround for CVE-2020-15780?
There are no known workarounds for CVE-2020-15780; the best option is to upgrade to secure kernel versions.
- collector/redhat-cve
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-15780
- agent/type
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- package-manager/redhat
- package-manager/debian
- vendor/linux
- canonical/linux kernel
- vendor/opensuse
- canonical/suse linux
- version/suse linux/15.1
- version/suse linux/15.2
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/20.04