CVE-2020-25639
MEDIUMLinux Kernel < 5.11.2 - NULL Pointer Dereference in Nouveau GPU Driver via DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC
Title source: llmDescription
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.
References (3)
Core 3
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1876995
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE4CT3NL6OEBRRBUKHIX63GLNVOWCVRW/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUCBCKRHWP3UD2AVVYQJE7BIJEMCMXW5/
Scores
CVSS v3
4.4
EPSS
0.0012
EPSS Percentile
31.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (11)
fedoraproject/fedora
32
fedoraproject/fedora
33
linux/linux_kernel
< 5.11.2
redhat/enterprise_linux
5.0
redhat/enterprise_linux
6.0
redhat/enterprise_linux
7.0
redhat/enterprise_linux
8.0
redhat/messaging_realtime_grid
2.0
redhat/openshift_container_platform
4.4
redhat/openshift_container_platform
4.5
... and 1 more
Published
Mar 04, 2021
Tracked Since
Feb 18, 2026