Home

CVE-2020-0432

Description

In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.033

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.31.1.x86_64.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.31.1.noarch.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.31.1.noarch.rpmLinux
SUSE-SU-2020:2907-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.31.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234