Home

CVE-2020-0404

Description

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.182

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.31.1.noarch.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.31.1.noarch.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.31.1.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-372.9.1.el8.noarch.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-core-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-372.9.1.el8.noarch.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-372.9.1.el8.x86_64.rpmLinux
(RHSA-2022:1988) kernel security, bug fix, and enhancement update python3-perf-4.18.0-372.9.1.el8.x86_64.rpmLinux
Kernel-uek update (ELSA-2023-12232) kernel-uek-4.1.12-124.73.2.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2023-12232) kernel-uek-debug-4.1.12-124.73.2.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2023-12232) kernel-uek-debug-devel-4.1.12-124.73.2.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2023-12232) kernel-uek-devel-4.1.12-124.73.2.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2023-12232) kernel-uek-doc-4.1.12-124.73.2.el7uek.noarch.rpmLinux
Kernel-uek-firmware update (ELSA-2023-12232) kernel-uek-firmware-4.1.12-124.73.2.el7uek.noarch.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234