CVE-2020-12771

CWE-667 CWE-833 CWE-20 — Improper Input Validation16 documents9 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 85.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Canonical Ubuntu Linux Debian Debian Linux +2 more

Timeline

PublishedMay 9

Latest updateMay 24

Description

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages10 packages

▶NVDlinux/linux_kernel5.6.11

▶Debianlinux< 5.7.6-1+3

▶Ubuntulinux< 4.4.0-187.217

▶Ubuntulinux-aws< 4.4.0-1112.124+1

▶Ubuntulinux-kvm< 4.4.0-1078.85

Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 20.04

Patches

Patch: lkml.org ↗Patch: www.oracle.com ↗Patch: lkml.org ↗

🔴Vulnerability Details

GHSA

GHSA-x72c-34x9-qrm4: An issue was discovered in the Linux kernel through 5↗2022-05-24

▶

OSV

linux-hwe, linux-aws-5.3, linux-azure-5.3, linux-gke-5.3 vulnerabilities↗2020-08-23

▶

OSV

linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities↗2020-08-18

▶

CVEList

CVE-2020-12771: An issue was discovered in the Linux kernel through 5↗2020-05-09

▶

OSV

CVE-2020-12771: An issue was discovered in the Linux kernel through 5↗2020-05-09

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2020-09-03

▶

Ubuntu

Linux kernel vulnerabilities↗2020-09-03

▶

Ubuntu

linux kernel vulnerabilities↗2020-08-23

▶

Ubuntu

Linux kernel vulnerability↗2020-08-18

▶

Ubuntu

Linux kernel vulnerabilities↗2020-08-18

▶

💬Community

Bugzilla

CVE-2020-12771 kernel: deadlock if a coalescing operation fails in btree_gc_coalesce function in drivers/md/bcache/btree.c↗2020-05-12

▶

Bugzilla

CVE-2020-12771 kernel: deadlock if a coalescing operation fails in btree_gc_coalesce function in drivers/md/bcache/btree.c [fedora-all]↗2020-05-12

▶