Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-20873

Summary
Assigner-SamsungMobile
Assigner Org ID-3af57064-a867-422c-b2ad-40307b65c458
Published At-04 Jun, 2024 | 06:42
Updated At-01 Aug, 2024 | 22:06
Rejected At-
Credits

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:SamsungMobile
Assigner Org ID:3af57064-a867-422c-b2ad-40307b65c458
Published At:04 Jun, 2024 | 06:42
Updated At:01 Aug, 2024 | 22:06
Rejected At:
▼CVE Numbering Authority (CNA)

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

Affected Products
Vendor
Samsung ElectronicsSamsung Mobile
Product
Samsung Mobile Devices
Default Status
affected
Versions
Unaffected
  • SMR Jun-2024 Release in Android 14 devices with Exynos s5e8825 chipset
Problem Types
TypeCWE IDDescription
N/AN/ACWE-787 Out-of-bounds Write
Type: N/A
CWE ID: N/A
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.14.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 4.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06
N/A
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06
x_transferred
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:mobile.security@samsung.com
Published At:04 Jun, 2024 | 07:15
Updated At:10 Feb, 2025 | 21:58

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Primary3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 4.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CPE Matches
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*
Samsung
samsung
>>android>>14.0
cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*
Samsung
samsung
>>exynos_1280>>-
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06mobile.security@samsung.com
Vendor Advisory
https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06
Source: mobile.security@samsung.com
Resource:
Vendor Advisory
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

260Records found
CVE-2025-20731
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.02% / 3.96%
||
7 Day CHG+0.01%
Published-04 Nov, 2025 | 06:20
Updated-26 Feb, 2026 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441511; Issue ID: MSV-4140.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-software_development_kitmt7981mt7622mt7615mt7663mt7986mt7915openwrtmt7916mt6890MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20729
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.02% / 4.01%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:20
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-4153.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-mt7615mt7622mt7916openwrtmt7986mt7981mt6890mt7915software_development_kitmt7663MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20732
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.02% / 3.96%
||
7 Day CHG+0.01%
Published-04 Nov, 2025 | 06:20
Updated-26 Feb, 2026 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-software_development_kitmt7981mt7622mt7615mt7663mt7986mt7915openwrtmt7916mt6890MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20734
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.02% / 3.96%
||
7 Day CHG+0.01%
Published-04 Nov, 2025 | 06:20
Updated-26 Feb, 2026 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441507; Issue ID: MSV-4112.

Action-Not Available
Vendor-MediaTek Inc.OpenWrt
Product-software_development_kitmt7981mt7622mt7615mt7663mt7986mt7915openwrtmt7916mt6890MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-31031
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.03% / 9.67%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 18:31
Updated-09 Oct, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering.

Action-Not Available
Vendor-NVIDIA Corporation
Product-dgx_a100_firmwaredgx_a100DGX A100
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36382
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.13% / 33.15%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_controller_e810-cam1ethernet_network_controller_e810-cam1_firmwareethernet_controller_xl710-am2_firmwareethernet_controller_x710-am2ethernet_controller_x710-bm2_firmwareethernet_converged_network_adapter_x710-da2_firmwareethernet_controller_x710-am2_firmwareethernet_controller_xxv710-am1ethernet_converged_network_adapter_xl710-da2_firmwareethernet_controller_xl710-am1ethernet_controller_xl710-bm2ethernet_converged_network_adapter_x710-da2ethernet_converged_network_adapter_x710-da4ethernet_controller_xxv710-am2_firmwareethernet_controller_xl710-am1_firmwareethernet_controller_x710-bm2ethernet_converged_network_adapter_xl710-da1_firmwareethernet_controller_xl710-bm1ethernet_network_controller_e810-cam2_firmwareethernet_controller_xl710-bm1_firmwareethernet_network_controller_e810-xxvam2ethernet_controller_xxv710-am2ethernet_network_controller_e810-cam2ethernet_converged_network_adapter_x710-da4_firmwareethernet_controller_xxv710-am1_firmwareethernet_network_controller_e810-xxvam2_firmwareethernet_converged_network_adapter_xl710-da2ethernet_converged_network_adapter_xl710-da1ethernet_controller_xl710-am2ethernet_controller_xl710-bm2_firmwareIntel(R) Ethernet Network Controllers and Adapters E810 Series and some Intel(R) Ethernet 700 Series Controllers and Adapters
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-24919
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6||MEDIUM
EPSS-0.00% / 0.07%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:53
Updated-10 Feb, 2026 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22453
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 6.77%
||
7 Day CHG-0.00%
Published-19 Mar, 2024 | 07:42
Updated-04 Feb, 2025 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.

Action-Not Available
Vendor-Dell Inc.
Product-xc730xd_firmwarenx3230_firmwarepoweredge_fc430_firmwarexc430_firmwarepoweredge_r730xdpoweredge_r530poweredge_r630poweredge_r630_firmwarepoweredge_m830_\(pe_vrtx\)poweredge_r730xd_firmwarepoweredge_t630_firmwarepoweredge_c6320_firmwarepoweredge_fc630_firmwarepoweredge_fc430poweredge_m630xc6320_firmwarexc730_firmwarepoweredge_m830_firmwarepoweredge_t430poweredge_r730poweredge_fc630nx3230poweredge_r930_firmwarepoweredge_m630_\(pe_vrtx\)_firmwarenx3330poweredge_r830_firmwarepoweredge_r430_firmwarepoweredge_fc830poweredge_m830_\(pe_vrtx\)_firmwarenx3330_firmwarepoweredge_c4130poweredge_r830xc430poweredge_fc830_firmwarexc6320poweredge_c6320poweredge_r730_firmwarexc730xc730xdpoweredge_c4130_firmwarepoweredge_t430_firmwarepoweredge_r530_firmwarepoweredge_t630xc630_firmwarepoweredge_r430poweredge_m830xc630poweredge_m630_\(pe_vrtx\)poweredge_r930poweredge_m630_firmwarePowerEdge Platform
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32493
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.04% / 12.92%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11565
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.08% / 24.25%
||
7 Day CHG~0.00%
Published-06 Apr, 2020 | 00:08
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found