CVE-2020-12888 — Improper Handling of Exceptional Conditions in Kernel
CWE-755 — Improper Handling of Exceptional ConditionsCWE-248 — Uncaught Exception16 documents10 sources
Severity
5.3MEDIUMNVD
OSV5.5
EPSS
0.1%
top 73.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 15
Latest updateMay 24
Description
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 0.8 | Impact: 4.0
Affected Packages4 packages
Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 20.04, Fedora 31, 32
🔴Vulnerability Details
7OSV▶
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities↗2020-09-24
OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2020-09-23
📋Vendor Advisories
6Red Hat
▶
Microsoft▶
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.↗2020-05-12