Null Byte Interaction Error (Poison Null Byte)

CVE-2020-10773

Medium

4.4/10

Summary

A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-626 - Null Byte Interaction Error (Poison Null Byte)

The product does not properly handle null bytes or NUL characters when passing data between different representations or components.

References

Advisory Timeline

Published Sep 10, 2020

Null Byte Interaction Error (Poison Null Byte)

CVE-2020-10773

Summary

CWE-626 - Null Byte Interaction Error (Poison Null Byte)

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS