CVE-2020-25641 vulnerability in Linux and Other Products
Published on October 6, 2020
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Weakness Type
What is an Infinite Loop Vulnerability?
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory.
CVE-2020-25641 has been classified to as an Infinite Loop vulnerability or weakness.
Products Associated with CVE-2020-25641
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-25641 are published in these products:
Exploit Probability
EPSS
0.06%
Percentile
18.43%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.