Vulnerabilities > CVE-2020-12888 - Improper Handling of Exceptional Conditions vulnerability in multiple products

047910
CVSS 5.3 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
HIGH
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

Vulnerable Configurations

Part Description Count
OS
Linux
4401
OS
Fedoraproject
2
OS
Opensuse
2
OS
Debian
1
OS
Canonical
4
OS
Netapp
14
Application
Netapp
6
Hardware
Netapp
14

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-57BF620276.NASL
    descriptionThe 5.6.14 stable kernel update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-10
    modified2020-06-04
    plugin id137114
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137114
    titleFedora 32 : kernel (2020-57bf620276)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2020-57bf620276.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137114);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/09");
    
      script_cve_id("CVE-2020-12888");
      script_xref(name:"FEDORA", value:"2020-57bf620276");
    
      script_name(english:"Fedora 32 : kernel (2020-57bf620276)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "The 5.6.14 stable kernel update contains a number of important fixes
    across the tree
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-57bf620276"
      );
      script_set_attribute(
        attribute:"solution",
        value:"Update the affected kernel package."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:32");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^32([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 32", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2020-12888");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for FEDORA-2020-57bf620276");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    if (rpm_check(release:"FC32", reference:"kernel-5.6.14-300.fc32")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-5436586091.NASL
    descriptionThe 5.6.15 stable kernel update contains a number of important fixes across the tree. ---- The 5.6.14 stable kernel update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-06
    modified2020-06-02
    plugin id137010
    published2020-06-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137010
    titleFedora 31 : kernel (2020-5436586091)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2020-5436586091.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137010);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05");
    
      script_cve_id("CVE-2020-12888");
      script_xref(name:"FEDORA", value:"2020-5436586091");
    
      script_name(english:"Fedora 31 : kernel (2020-5436586091)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "The 5.6.15 stable kernel update contains a number of important fixes
    across the tree.
    
    ----
    
    The 5.6.14 stable kernel update contains a number of important fixes
    across the tree
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-5436586091"
      );
      script_set_attribute(
        attribute:"solution",
        value:"Update the affected kernel package."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:31");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^31([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 31", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2020-12888");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for FEDORA-2020-5436586091");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    if (rpm_check(release:"FC31", reference:"kernel-5.6.15-200.fc31")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
    }