VDB
CVE-2020-0432
CVE-2020-0432
PUBLISHED
In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807
EPSS 0.03% · 10.1th percentile
Risk Scores
EPSS Score
0.03%
10.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:14.04:LTS | linux-azure | 4.15.0-1039.41~14.04.2, 4.15.0-1037.39~14.04.2, 4.15.0-1036.38~14.04.2 |
| Ubuntu:18.04:LTS | linux-gke-5.3 | 5.3.0-1011.12~18.04.1, 5.3.0-1012.13~18.04.1, 0 |
| Ubuntu:16.04:LTS | linux | 4.4.0-139.165, 4.4.0-138.164, 4.4.0-137.163 |
| Ubuntu:18.04:LTS | linux-snapdragon | 4.15.0-1066.73, 4.15.0-1064.71, 4.15.0-1062.69 |
| Ubuntu:18.04:LTS | linux-raspi2 | 4.15.0-1038.40, 4.15.0-1037.39, 4.15.0-1036.38 |
| Ubuntu:16.04:LTS | linux-snapdragon | 4.4.0-1126.132, 4.4.0-1015.18, 0 |
| Ubuntu:16.04:LTS | linux-hwe | *, *, * |
| Ubuntu:22.04:LTS | linux-realtime | 0, 5.15.0-1032.35 |
| Ubuntu:Pro:14.04:LTS | linux-lts-xenial | *, 4.4.0-146.172~14.04.1, * |
| Ubuntu:18.04:LTS | linux-oracle | 4.15.0-1027.30, 0, 4.15.0-1007.9 |
| Ubuntu:Pro:FIPS:16.04:LTS | linux-fips | 4.4.0-1017.22, 4.4.0-1023.28, 4.4.0-1022.27 |
| Ubuntu:18.04:LTS | linux-gcp | 4.15.0-1042.45, 5.0.0-1021.21~18.04.1, 5.0.0-1026.27~18.04.1 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 0, 5.15.0-1073.75 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-azure-fips | 4.15.0-1002.2, 0 |
| Ubuntu:20.04:LTS | linux-azure-fde | 5.4.0-1073.76+cvm1.1, 0, 5.4.0-1063.66+cvm2.2 |
| Ubuntu:18.04:LTS | linux-hwe-edge | 5.0.0-15.16~18.04.1, 0, * |
| Ubuntu:20.04:LTS | linux-gke | 5.4.0-1033.35, 5.4.0-1103.110, 5.4.0-1095.102 |
| Ubuntu:18.04:LTS | linux-oem-osp1 | 5.0.0-1028.32, 5.0.0-1030.34, 5.0.0-1039.44 |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.3.0-1017.19, 5.3.0-1007.8, 5.3.0-1014.16 |
| Ubuntu:Pro:FIPS-updates:18.04:LTS | linux-azure-fips | 0, 4.15.0-1002.2 |
…and 33 more
Timeline
- Sep 9, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-0432 third-party-advisory
- https://git.kernel.org/linus/4d1356ac12f4d5180d0df345d85ff0ee42b89c72 third-party-advisory
- https://source.android.com/security/bulletin/pixel/2020-09-01 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-0432 third-party-advisory