CVE-2020-16166
published 2020-07-30CVE-2020-16166: The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network…
low3.7CVSS 3.1
AVNACHPRNUINSUCLINAN
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 5.7.17-1 (bookworm) | linux 5.7.17-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | <= 5.7.11 | — |
| linux | linux_kernel | >= 0 < 5.7.17-1 | 5.7.17-1 |
| linux | linux_kernel | >= 0 < 5.7.17-1 | 5.7.17-1 |
| linux | linux_kernel | >= 0 < 5.7.17-1 | 5.7.17-1 |
| linux | linux_kernel | >= 0 < 5.7.17-1 | 5.7.17-1 |
| linux | linux_kernel | >= 0 < 4.15.0-118.119 | 4.15.0-118.119 |
| linux | linux_kernel | >= 0 < 5.4.0-48.52 | 5.4.0-48.52 |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cm1_kernel_5.4.91-3_on_cbl_mariner_1.0 | — | — |
| netapp | active_iq_unified_manager | >= 9.5 | — |
| netapp | e-series_santricity_os_controller | 11.0.0 – 11.60.3 | — |
| netapp | storagegrid | <= 9.0.4 | — |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
| oracle | sd-wan_edge | — | — |
CVSS provenance
nvdv3.13.7LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.5MEDIUM