CVE-2020-13143 vulnerability in Linux and Other Products
Published on May 18, 2020

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2020-13143

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-13143 are published in these products:

Linux Kernel

OpenSuse Leap

Debian Linux

Canonical Ubuntu Linux

NetApp Cloud Backup

NetApp Element Software

NetApp Steelstore Cloud Integrated Storage

NetApp Solidfire

NetApp Hci Management Node

NetApp Active Iq Unified Manager

Exploit Probability

EPSS

3.27%

Percentile

86.84%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-13143 vulnerability in Linux and Other ProductsPublished on May 18, 2020

Products Associated with CVE-2020-13143

Exploit Probability

CVE-2020-13143 vulnerability in Linux and Other Products
Published on May 18, 2020