VDB
CVE-2020-0404
CVE-2020-0404
PUBLISHED
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel
EPSS 0.20% · 41.9th percentile
Risk Scores
EPSS Score
0.20%
41.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | linux-gke-5.3 | 5.3.0-1014.15~18.04.1, *, 5.3.0-1016.17~18.04.1 |
| Ubuntu:22.04:LTS | linux-riscv | 5.15.0-1012.13, 5.15.0-1014.16, 5.15.0-1015.17 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-aws-fips | 4.15.0-2000.4, 0 |
| Ubuntu:18.04:LTS | linux-oem-osp1 | 5.0.0-1015.16, 5.0.0-1039.44, 5.0.0-1010.11 |
| Ubuntu:18.04:LTS | linux-snapdragon | 4.4.0-1081.86, 4.4.0-1079.84, 4.4.0-1078.83 |
| Ubuntu:18.04:LTS | linux-gke-4.15 | 4.15.0-1055.58, 4.15.0-1041.43, 4.15.0-1032.34 |
| Ubuntu:18.04:LTS | linux-oem | 4.15.0-1036.41, 4.15.0-1006.9, 4.15.0-1004.5 |
| Ubuntu:18.04:LTS | linux-oracle-5.0 | 5.0.0-1008.13~18.04.1, 5.0.0-1014.19, 0 |
| Ubuntu:16.04:LTS | linux-raspi2 | 4.4.0-1085.93, 4.4.0-1086.94, 4.4.0-1004.5 |
| Ubuntu:20.04:LTS | linux-gke | 5.4.0-1097.104, 5.4.0-1063.66, 5.4.0-1090.97 |
| Ubuntu:Pro:14.04:LTS | linux | 3.13.0-132.181, 3.13.0-133.182, 3.13.0-135.184 |
| Ubuntu:Pro:14.04:LTS | linux-aws | 4.4.0-1017.17, 4.4.0-1036.39, 4.4.0-1056.60 |
| Ubuntu:Pro:FIPS-updates:18.04:LTS | linux-aws-fips | 0, 4.15.0-2000.4 |
| Ubuntu:16.04:LTS | linux-snapdragon | 4.4.0-1063.68, 4.4.0-1071.76, 4.4.0-1122.128 |
| Ubuntu:18.04:LTS | linux-raspi2 | 4.15.0-1044.47, 4.15.0-1012.13, 4.15.0-1010.11 |
| Ubuntu:18.04:LTS | linux-gcp-5.3 | 5.3.0-1008.9~18.04.1, 0, * |
| Ubuntu:18.04:LTS | linux-azure | 4.15.0-1032.33, 4.15.0-1004.4, 4.18.0-1011.11~18.04.1 |
| Ubuntu:16.04:LTS | linux-hwe-edge | 4.13.0-25.29~16.04.2, 4.15.0-13.14~16.04.1, 4.15.0-15.16~16.04.1 |
| Ubuntu:16.04:LTS | linux | 4.4.0-87.110, 0, 4.2.0-16.19 |
| Ubuntu:22.04:LTS | linux-realtime | 0, 5.15.0-1032.35 |
…and 32 more
Timeline
- Sep 9, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-0404 third-party-advisory
- https://git.kernel.org/linus/68035c80e129c4cfec659aac4180354530b26527 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-0404 third-party-advisory