Vulnerabilities > CVE-2020-25285 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

Vulnerable Configurations

Part Description Count
OS
Linux
3607
OS
Debian
1
OS
Canonical
4

Common Weakness Enumeration (CWE)