CVE-2020-25284
First published: Sun Sep 13 2020(Updated: )
A flaw was found in the capabilities check of the rados block device functionality in the Linux kernel. Incorrect capability checks could alllow a local user with root priviledges (but no capabilities) to add or remove Rados Block Devices from the system.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-305.rt7.72.el8 | 0:4.18.0-305.rt7.72.el8 |
| redhat/kernel | <0:4.18.0-305.el8 | 0:4.18.0-305.el8 |
| Linux Kernel | <5.8.9 | |
| Debian Debian Linux | =9.0 | |
| openSUSE | =15.1 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.119-1 6.12.11-1 6.12.12-1 |
Remedy
As the rbd module can be loaded by a priviledged user or process, its use can be disabled by preventing the module from loading with the following instructions: # echo "install rbd /bin/true" >> /etc/modprobe.d/disable-rdb.conf The system will need to be restarted if the modules isloaded. In most circumstances, the rbd kernel modules will be unable to be unloaded while in use. If the system requires this module to work correctly, (Such as a CEPH node) this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-25284 https://nvd.nist.gov/vuln/detail/CVE-2020-25284
- https://bugzilla.redhat.com/show_bug.cgi?id=1882594
- https://access.redhat.com/errata/RHSA-2021:1739
- https://access.redhat.com/errata/RHSA-2021:1578
- https://access.redhat.com/security/cve/cve-2020-25284
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f44d04e696feaf13d192d942c4f14ad2e117065a
- https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
- https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
- https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
- https://twitter.com/grsecurity/status/1304537507560919041
- https://launchpad.net/bugs/cve/CVE-2020-25284
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1882595
- https://access.redhat.com/solutions/41278
- https://git.kernel.org/linus/f44d04e696feaf13d192d942c4f14ad2e117065a
- https://security-tracker.debian.org/tracker/CVE-2020-25284
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25284
- https://nvd.nist.gov/vuln/detail/CVE-2020-25284
- https://ubuntu.com/security/CVE-2020-25284
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-25284
- agent/author
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/tags
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- vendor/opensuse
- canonical/opensuse
- version/opensuse/15.1
- package-manager/debian