CVE-2020-10058— Multiple Syscalls In kscan Subsystem Performs No Argument Validation
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-10058
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Syscalls In kscan Subsystem Performs No Argument Validation
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Zephyr 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Zephyr是美国Linux基金会的一套开源的小型的可缩放的实时操作系统。 Zephyr 2.1.0及之后版本(2.2.0版本已修复)中的Kscan子系统存在输入验证错误漏洞,该漏洞源于在进行多个系统调用时,程序没有执行充分的参数验证。攻击者可利用该漏洞提升权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| zephyrproject-rtos | zephyr | 2.1.0 ~ unspecified | - |
II. Public POCs for CVE-2020-10058
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-10058
请登录查看更多情报信息。
- https://github.com/zephyrproject-rtos/zephyr/pull/23308x_refsource_MISC
- https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-34x_refsource_MISC
- https://github.com/zephyrproject-rtos/zephyr/pull/23748x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-10058
Same Patch Batch · zephyrproject-rtos · 2020-05-11 · 11 CVEs total
| CVE-2020-10022 | 9.0 CRITICAL | UpdateHub Module Copies a Variable-Size Hash String Into a Fixed-Size Array |
| CVE-2020-10019 | 8.1 HIGH | Buffer Overflow in USB DFU requested length |
| CVE-2020-10021 | 8.1 HIGH | Out-of-bounds write in USB Mass Storage with unaligned sizes |
| CVE-2020-10060 | 8.0 HIGH | UpdateHub Might Dereference An Uninitialized Pointer |
| CVE-2020-10024 | 7.8 HIGH | ARM Platform Uses Signed Integer Comparison When Validating Syscall Numbers |
| CVE-2020-10027 | 7.8 HIGH | ARC Platform Uses Signed Integer Comparison When Validating Syscall Numbers |
| CVE-2020-10028 | 7.8 HIGH | Multiple Syscalls In GPIO Subsystem Performs No Argument Validation |
| CVE-2020-10067 | 7.5 HIGH | Integer Overflow In is_in_region Allows User Thread To Access Kernel Memory |
| CVE-2020-10023 | 6.9 MEDIUM | Shell Subsystem Contains a Buffer Overflow Vulnerability In shell_spaces_trim |
| CVE-2020-10059 | 4.8 MEDIUM | UpdateHub Module Explicitly Disables TLS Verification |
IV. Related Vulnerabilities
Same product: zephyr
- CVE-2026-1677
net: TLS 1.2 connections allowed on TLS 1.3 sockets - CVE-2026-5590
net: ip/tcp: Null pointer dereference can be triggered by a - CVE-2026-1679
net: eswifi socket send payload length not bounded - CVE-2026-4179
stm32: usb: Infinite while loop in Interrupt Handler - CVE-2026-0849
crypto: ATAES132A response length allows stack buffer overfl
Same vendor: zephyrproject-rtos
- CVE-2026-1677
net: TLS 1.2 connections allowed on TLS 1.3 sockets - CVE-2026-5590
net: ip/tcp: Null pointer dereference can be triggered by a - CVE-2026-1679
net: eswifi socket send payload length not bounded - CVE-2026-4179
stm32: usb: Infinite while loop in Interrupt Handler - CVE-2026-0849
crypto: ATAES132A response length allows stack buffer overfl
Same weakness: CWE-20
V. Comments for CVE-2020-10058
No comments yet