{
  "threat_severity" : "Important",
  "public_date" : "2020-06-04T09:00:00Z",
  "bugzilla" : {
    "description" : "kernel: DAX hugepages not considered during mremap",
    "id" : "1842525",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1842525"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-119",
  "details" : [ "A flaw was found in the way mremap handled DAX huge pages in Linux kernel versions after 4.5-rc1. This flaw allows a local attacker with access to DAX-enabled storage to escalate their privileges on the system.", "A flaw was found in the way mremap handled DAX huge pages. This flaw allows a local attacker with access to DAX-enabled storage to escalate their privileges on the system." ],
  "statement" : "Exploiting this issue requires access to DAX-enabled storage.\nThis issue affects Red Hat Enterprise Linux 7 kernels starting with kernel-3.10.0-862, which is the Red Hat Enterprise Linux 7.5 GA kernel. Red Hat Enterprise Linux 7 kernels prior to that version are not affected, as they did not include the functionality that enabled this issue to be exploited.\nRed Hat Product Security is aware of this issue. Updates will be released as they become available.",
  "acknowledgement" : "Red Hat would like to thank Fan Yang for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-07-29T00:00:00Z",
    "advisory" : "RHSA-2020:3221",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-1127.18.2.rt56.1116.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-07-29T00:00:00Z",
    "advisory" : "RHSA-2020:3220",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-1127.18.2.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support",
    "release_date" : "2020-07-29T00:00:00Z",
    "advisory" : "RHSA-2020:3226",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.6",
    "package" : "kernel-0:3.10.0-957.58.2.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2020-09-01T00:00:00Z",
    "advisory" : "RHSA-2020:3598",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "kernel-0:3.10.0-1062.33.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-07-21T00:00:00Z",
    "advisory" : "RHSA-2020:3016",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-193.13.2.rt13.65.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-07-21T00:00:00Z",
    "advisory" : "RHSA-2020:3010",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-193.13.2.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions",
    "release_date" : "2020-07-21T00:00:00Z",
    "advisory" : "RHSA-2020:3041",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.0",
    "package" : "kernel-0:4.18.0-80.27.1.el8_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support",
    "release_date" : "2020-07-29T00:00:00Z",
    "advisory" : "RHSA-2020:3222",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.1",
    "package" : "kernel-0:4.18.0-147.24.2.el8_1"
  }, {
    "product_name" : "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS",
    "release_date" : "2020-07-29T00:00:00Z",
    "advisory" : "RHSA-2020:3226",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor",
    "package" : "kernel-0:3.10.0-957.58.2.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Affected",
    "package_name" : "kernel-alt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-10757\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10757\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5bfea2d9b17f1034a68147a8b03b9789af5700f9\nhttps://www.openwall.com/lists/oss-security/2020/06/04/4" ],
  "name" : "CVE-2020-10757",
  "mitigation" : {
    "value" : "Do not use DAX-enabled storage.",
    "lang" : "en:us"
  },
  "csaw" : false
}