Main Vulnerability Database Vulnerabilities #VU66026

Out-of-bounds write in Linux kernel - CVE-2020-0465

Published: August 3, 2022

Vulnerability identifier: #VU66026

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-0465

CWE-ID: CWE-787

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows an attacker with physical access to escalate privileges on the system.

The vulnerability exists due to an out of bounds write in various methods of hid-multitouch.c. An attacker with physical access can trigger out-of-bounds write and escalate privileges on the system.

How to mitigate CVE-2020-0465

Install updates from vendor's website.

Sources

https://source.android.com/security/bulletin/2020-12-01

Out-of-bounds write in Linux kernel - CVE-2020-0465

Detailed vulnerability description

How to mitigate CVE-2020-0465

Sources

Please verify you're human