CVE-2020-9391 vulnerability in Fedora Project and Other Products
Published on February 25, 2020

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.

Vendor Advisory NVD

Products Associated with CVE-2020-9391

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-9391 are published in these products:

Fedora Project Fedora

Linux Kernel

NetApp Active Iq Unified Manager

NetApp Cloud Backup

NetApp Data Availability Services

NetApp Hci Management Node

NetApp Solidfire

NetApp Steelstore Cloud Integrated Storage

Exploit Probability

EPSS

0.16%

Percentile

36.82%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-9391 vulnerability in Fedora Project and Other ProductsPublished on February 25, 2020

Products Associated with CVE-2020-9391

Exploit Probability

CVE-2020-9391 vulnerability in Fedora Project and Other Products
Published on February 25, 2020