Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a CVE vulnerability ID? 
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
New vulnerability? Tell us about it!
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2020-28915
Good to know:
Date: November 18, 2020
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. After conducting further research, Mend has determined that versions v2.6.11-tree--v4.4.238, v4.5-rc1--v4.9.238, v4.10-rc1--v4.14.200, v4.15-rc1--v4.19.150, v5.0-rc1--v5.4.70, v5.5-rc1--v5.8.14 and v5.9-rc1--v5.9-rc8 of Linux Kernel are vulnerable to CVE-2020-28915.
Language: C
Severity Score
Related Resources (10)
Severity Score
Weakness Type (CWE)
Out-of-bounds Read
CWE-125Top Fix
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | PHYSICAL |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | HIGH |
| User Interaction (UI): | NONE |
| Scope (S): | UNCHANGED |
| Confidentiality (C): | LOW |
| Integrity (I): | HIGH |
| Availability (A): | HIGH |
CVSS v2
| Base Score: |
|
|---|---|
| Access Vector (AV): | LOCAL |
| Access Complexity (AC): | LOW |
| Authentication (AU): | NONE |
| Confidentiality (C): | PARTIAL |
| Integrity (I): | PARTIAL |
| Availability (A): | COMPLETE |
| Additional information: |