Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2020-8991

Published: February 14, 2020Last modified: November 8, 2023

Description

vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. NOTE: RedHat disputes CVE-2020-8991 as not being a vulnerability since there’s no apparent route to either privilege escalation or to denial of service through the bug

Severity score breakdown

ParameterValue
Base score2.3
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredHIGH
User interactionNONE
ScopeUNCHANGED
ConfidentialityNONE
Integrity impactNONE
Availability impactLOW
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlvm2Not affected (2.03.17-r1)
Streamlvm2Not affected (2.03.19-r0)

References

ON THIS PAGE