CVE-2020-25662 MEDIUM

CVE-2020-25662

Vendor Red Hat
Product kernel
Weakness CWE-284
Published November 5, 2020
Last update August 4, 2024

CVSS base score

5.3/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.

Key dates

02Disclosure timeline

November 5, 2020 CVE published
August 4, 2024 Record updated