How severe is CVE-2020-10774?

CVE-2020-10774 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2020-10774

Name: linux_kernel
Author: linux

5.5MEDIUM

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to rea

Published: 5/27/2021Updated: 11/21/2024

Description

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

AI AnalysisPowered by AI

Affected Products

linuxlinux_kernel

References

https://bugzilla.redhat.com/show_bug.cgi?id=1846964
Issue TrackingThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1846964
Issue TrackingThird Party Advisory