CVE-2020-10781
published 2020-09-16CVE-2020-10781: A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the…
PriorityP421medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.31%
22.8th percentile
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 5.7.10-1 (bookworm) | linux 5.7.10-1 (bookworm) |
| linux | linux_kernel | < 5.8.0 | 5.8.0 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.7.10-1 | 5.7.10-1 |
| linux | linux_kernel | >= 0 < 5.7.10-1 | 5.7.10-1 |
| linux | linux_kernel | >= 0 < 5.7.10-1 | 5.7.10-1 |
| linux | linux_kernel | >= 0 < 5.7.10-1 | 5.7.10-1 |
| linux | linux_kernel | >= 0 < 4.15.0-115.116 | 4.15.0-115.116 |
| linux | linux_kernel | >= 0 < 5.4.0-45.49 | 5.4.0-45.49 |
| linux_kernel | kernel | — | — |
| msrc | cm1_kernel_5.4.91-3_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
osv7.8HIGH
vendor_ubuntu7.8HIGH
vendor_debian5.5MEDIUM
vendor_msrc5.5MEDIUM
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-93vf-4x6g-q64v: A flaw was found in the Linux Kernel before 5
ghsa_unreviewed·2022-05-24
CVE-2020-10781 [MEDIUM] CWE-732 GHSA-93vf-4x6g-q64v: A flaw was found in the Linux Kernel before 5
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.
OSV
CVE-2020-10781: A flaw was found in the Linux Kernel before 5
osv·2020-09-16·CVSS 5.5
CVE-2020-10781 [MEDIUM] CVE-2020-10781: A flaw was found in the Linux Kernel before 5
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
osv·2020-09-03·CVSS 7.8
CVE-2018-20669 [HIGH] linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Timothy Michaud discovered that the i915 graphics driver in the Linux
kernel did not properly validate user memory locations for the
i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to
cause a denial of service or execute arbitrary code. (CVE-2018-20669)
It was discovered that the Kvaser CAN/USB driver in the Linux kernel did
not properly initialize memory in certain situations. A local attacker
could possibly use this to expose sensitive information (kernel memory).
(CVE-2019-19947)
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux
kernel did not
OSV
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
osv·2020-09-03·CVSS 5.5
CVE-2019-20810 [MEDIUM] linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux
kernel did not properly deallocate memory in some failure conditions. A
physically proximate attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2019-20810)
Fan Yang discovered that the mremap implementation in the Linux kernel did
not properly handle DAX Huge Pages. A local attacker with access to DAX
storage could use this to gain administrative privileges. (CVE-2020-10757)
It was discovered that the Linux kernel did not correctly apply Speculative
Store Bypass Disable (SSBD) mitigations in certain
Microsoft
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device
vendor_msrc·2020-09-08·CVSS 5.5
CVE-2020-10781 [MEDIUM] CWE-732 A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes possibly making the system inoperable.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2020-09-03·CVSS 5.5
CVE-2019-20810 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux
kernel did not properly deallocate memory in some failure conditions. A
physically proximate attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2019-20810)
Fan Yang discovered that the mremap implementation in the Linux kernel did
not properly handle DAX Huge Pages. A local attacker with access to DAX
storage could use this to gain administrative privileges. (CVE-2020-10757)
It was discovered that the Linux kernel did not correctly apply Speculative
Store Bypass Disable (SSBD) mitigations in certain situations. A local
attacker could possibly use this to expose sensitive information.
(CV
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2020-09-03·CVSS 7.8
CVE-2018-20669 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Timothy Michaud discovered that the i915 graphics driver in the Linux
kernel did not properly validate user memory locations for the
i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to
cause a denial of service or execute arbitrary code. (CVE-2018-20669)
It was discovered that the Kvaser CAN/USB driver in the Linux kernel did
not properly initialize memory in certain situations. A local attacker
could possibly use this to expose sensitive information (kernel memory).
(CVE-2019-19947)
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux
kernel did not properly deallocate memory in some failure conditions. A
physically proximate attacker could use t
Red Hat
kernel: zram sysfs resource consumption
vendor_redhat·2020-06-17·CVSS 5.5
CVE-2020-10781 [MEDIUM] CWE-732 kernel: zram sysfs resource consumption
kernel: zram sysfs resource consumption
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.
A flaw was found in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the
Debian
CVE-2020-10781: linux - A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, w...
vendor_debian·2020·CVSS 5.5
CVE-2020-10781 [MEDIUM] CVE-2020-10781: linux - A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, w...
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.
Scope: local
bookworm: resolved (fixed in 5.7.10-1)
bullseye: resolved (fixed in 5.7.10-1)
forky: resolved (fixed in 5.7.10-1)
sid: resolved (fixed in 5.7.10-1)
trixie: resolved (fixed in 5.7.10-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-10781 kernel: zram sysfs resource consumption [fedora-all]
bugzilla·2020-06-18·CVSS 5.5
CVE-2020-10781 [MEDIUM] CVE-2020-10781 kernel: zram sysfs resource consumption [fedora-all]
CVE-2020-10781 kernel: zram sysfs resource consumption [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora
Bugzilla
CVE-2020-10781 kernel: zram sysfs resource consumption
bugzilla·2020-06-17·CVSS 5.5
CVE-2020-10781 [MEDIUM] CVE-2020-10781 kernel: zram sysfs resource consumption
CVE-2020-10781 kernel: zram sysfs resource consumption
A user with a local account and the ability to read the /sys/class/zram-control/hot_add file which on each read will create a zram device node in the /dev/ directory. This allocates kernel memory and is not allocated to a user.
Continually reading this file may consume a large amount of system memory and cause the system OOM killer to activate, terminating userspace processes possibly making the system inoperable.
Discussion:
Created attachment 1697754
Initial patch to change permissions on the file.
Initial patch, not accepted upstream yet.
---
Mitigation:
Changing permissions on the files within /sys will prevent regular users from being able to trigger this issue, however permissions changed within /sys do not persist betwee
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10781https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=853eab68afc80f59f36bbdeb715e5c88c501e680https://lists.debian.org/debian-lts-announce/2020/09/msg00025.htmlhttps://www.openwall.com/lists/oss-security/2020/06/18/1https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10781https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=853eab68afc80f59f36bbdeb715e5c88c501e680https://lists.debian.org/debian-lts-announce/2020/09/msg00025.htmlhttps://www.openwall.com/lists/oss-security/2020/06/18/1
2020-09-16
Published