Main Vulnerability Database Vulnerabilities #VU66026

#VU66026 Out-of-bounds write in Linux kernel - CVE-2020-0465

Published: August 3, 2022

Vulnerability identifier: #VU66026

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-0465

CWE-ID: CWE-787

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows an attacker with physical access to escalate privileges on the system.

The vulnerability exists due to an out of bounds write in various methods of hid-multitouch.c. An attacker with physical access can trigger out-of-bounds write and escalate privileges on the system.

Remediation

Install updates from vendor's website.

External links

https://source.android.com/security/bulletin/2020-12-01

#VU66026 Out-of-bounds write in Linux kernel - CVE-2020-0465

Description

Remediation

External links

Please verify you're human