Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.7
CVSSv3

CVE-2019-20908

Published: 15/07/2020 Updated: 21/07/2021
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Linux Kernel

Vulnerability Summary

An issue exists in drivers/firmware/efi/efi.c in the Linux kernel prior to 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by malicious users to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

opensuse leap 15.1

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

Vendor Advisories

Red Hat: Moderate: kernel security and bug fix update
Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vuln ...
Red Hat: Moderate: kernel-rt security and bug fix update
Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Moderate: kernel security and bug fix update
Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...

Mailing Lists

Full Disclosure: multiple secure boot grub2 and linux kernel vulnerabilities
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> multiple secure boot grub2 and linux kernel vulnerabilities <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: John ...
Full Disclosure: Re: Re: lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: Re: lockdown bypass on ubuntu 1804's 415 kernel for loading unsigned modules <!--X-Subject-Header-End--> <!--X-Head-of-M ...
Full Disclosure: Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From ...

Github Repositories

https://github.com/Annavid/CVE-2020-15780-exploit

American Unsigned Language by zx2c4 These are two exploits to disable kernel lockdown via ACPI table injection american-unsigned-languagesh is for Ubuntu 1804 Bionic's 415 kernel with their custom patches and uses one technique CVE-2019-20908 american-unsigned-language-2sh is for mainline/upstream kernels and uses a different technique CVE-2020-15780 Explanation i

References

NVD-CWE-noinfohttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1957a85b0032a81e6482ca4aab883643b8dae06ehttps://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language.shhttps://mailarchives.bentasker.co.uk/Mirrors/OSSSec/2020/06-Jun/msg00035.htmlhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4http://www.openwall.com/lists/oss-security/2020/07/20/6https://usn.ubuntu.com/4427-1/http://www.openwall.com/lists/oss-security/2020/07/29/3http://www.openwall.com/lists/oss-security/2020/07/30/2http://www.openwall.com/lists/oss-security/2020/07/30/3https://usn.ubuntu.com/4439-1/https://usn.ubuntu.com/4426-1/https://usn.ubuntu.com/4440-1/http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.htmlhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:3228
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook