CVE-2020-8832

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

CVSS v3.0 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840	Issue Tracking Third Party Advisory
https://usn.ubuntu.com/usn/usn-4302-1	Third Party Advisory
https://security.netapp.com/advisory/ntap-20200430-0004/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:netapp:cloud_backup:-:::::::*
	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
	cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:netapp:aff_a220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a220:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:aff_a320_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a320:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netapp:aff_c190_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_c190:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:netapp:fas8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas8300:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:netapp:fas8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas8700:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a220:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a320_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a320:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a400:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_a800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_a800:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:netapp:fas_baseboard_management_controller_c190_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_baseboard_management_controller_c190:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

Configuration 31 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

History

09 Nov 2023, 14:44

Type	Values Removed	Values Added
CPE	cpe:2.3:h:netapp:baseboard_management_controller_h610s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h610c:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h610s_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h610c_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h615c_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h615c:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:::::::* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:::::::* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:::::::*	cpe:2.3:o:netapp:h615c_firmware:-:::::::* cpe:2.3:h:netapp:h300s:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:h:netapp:h610c:-:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:o:netapp:h500e_firmware:-:::::::* cpe:2.3:h:netapp:h500s:-:::::::* cpe:2.3:h:netapp:h610s:-:::::::* cpe:2.3:h:netapp:h615c:-:::::::* cpe:2.3:o:netapp:h610c_firmware:-:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:h:netapp:h700e:-:::::::* cpe:2.3:o:netapp:h610s_firmware:-:::::::* cpe:2.3:h:netapp:h700s:-:::::::* cpe:2.3:h:netapp:h300e:-:::::::* cpe:2.3:o:netapp:h300e_firmware:-:::::::* cpe:2.3:o:netapp:h700e_firmware:-:::::::* cpe:2.3:o:netapp:h410c_firmware:-:::::::* cpe:2.3:h:netapp:h500e:-:::::::* cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:h:netapp:h410c:-:::::::*
First Time		Netapp h300e Firmware Netapp h410c Netapp h700e Netapp h410c Firmware Netapp h300e Netapp h500s Netapp h700s Firmware Netapp h300s Netapp h610c Netapp h500e Firmware Netapp h500s Firmware Netapp h700e Firmware Netapp h610s Firmware Netapp h500e Netapp h410s Netapp h700s Netapp h615c Firmware Netapp h300s Firmware Netapp h410s Firmware Netapp h615c Netapp h610c Firmware Netapp h610s

Information

Published : 2020-04-10 00:15

Updated : 2023-11-09 14:44

NVD link : CVE-2020-8832

Mitre link : CVE-2020-8832

JSON object : View

Products Affected

netapp

h615c_firmware
aff_8700_firmware
aff_a320_firmware
h610c
h615c
h300e_firmware
fas2720_firmware
aff_a400
h300s
h410s_firmware
fas8700_firmware
fas8300_firmware
fas_baseboard_management_controller_a220
fas_baseboard_management_controller_a400_firmware
aff_8300_firmware
fas_baseboard_management_controller_c190
solidfire_baseboard_management_controller_firmware
aff_a320
fas_baseboard_management_controller_a800_firmware
cloud_backup
aff_c190
h410s
h500s
aff_8300
fas_baseboard_management_controller_a400
h610s
h700e
fas2750_firmware
h700s
fas_baseboard_management_controller_a320
steelstore_cloud_integrated_storage
aff_8700
solidfire_\&_hci_management_node
h300s_firmware
aff_c190_firmware
h300e
fas_baseboard_management_controller_a320_firmware
fas2750
aff_a400_firmware
h410c_firmware
fas_baseboard_management_controller_a800
h410c
fas8700
aff_a220
fas_baseboard_management_controller_a220_firmware
solidfire_baseboard_management_controller
aff_a700s_firmware
aff_a700s
h500e_firmware
h610s_firmware
h500e
h700s_firmware
h500s_firmware
h700e_firmware
fas_baseboard_management_controller_c190_firmware
fas8300
aff_a220_firmware
h610c_firmware
fas2720

canonical

ubuntu_linux

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

5.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2020-8832

5.5^/10

2.1^/10

Attach tags to `CVE-2020-8832`