CVE-2020-12464

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

History

12 Oct 2023, 14:10

Type Values Removed Values Added
CPE cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html - Mailing List, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20200608-0001/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20200608-0001/ - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4391-1/ - (UBUNTU) https://usn.ubuntu.com/4391-1/ - Third Party Advisory, VDB Entry
References (DEBIAN) https://www.debian.org/security/2020/dsa-4698 - (DEBIAN) https://www.debian.org/security/2020/dsa-4698 - Third Party Advisory, VDB Entry
References (UBUNTU) https://usn.ubuntu.com/4388-1/ - (UBUNTU) https://usn.ubuntu.com/4388-1/ - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4389-1/ - (UBUNTU) https://usn.ubuntu.com/4389-1/ - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4387-1/ - (UBUNTU) https://usn.ubuntu.com/4387-1/ - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2020/dsa-4699 - (DEBIAN) https://www.debian.org/security/2020/dsa-4699 - Third Party Advisory, VDB Entry
References (UBUNTU) https://usn.ubuntu.com/4390-1/ - (UBUNTU) https://usn.ubuntu.com/4390-1/ - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html - Third Party Advisory
First Time Netapp hci Compute Node
Netapp solidfire \& Hci Storage Node
Netapp aff A700s
Netapp hci Baseboard Management Controller
Netapp
Netapp cloud Backup
Netapp solidfire Baseboard Management Controller
Netapp hci Storage Nodes
Netapp steelstore Cloud Integrated Storage
Netapp active Iq Unified Manager

Information

Published : 2020-04-29 18:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-12464

Mitre link : CVE-2020-12464

CVE.ORG link : CVE-2020-12464


JSON object : View

Products Affected

linux

  • linux_kernel

netapp

  • steelstore_cloud_integrated_storage
  • solidfire_baseboard_management_controller
  • hci_storage_nodes
  • solidfire_\&_hci_storage_node
  • cloud_backup
  • aff_a700s
  • hci_compute_node
  • active_iq_unified_manager
  • hci_baseboard_management_controller
CWE
CWE-416

Use After Free