vulnerability

Oracle Linux: CVE-2020-25662: ELSA-2020-4685: kernel security update (IMPORTANT)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:A/AC:L/Au:N/C:P/I:N/A:N)	Nov 3, 2020	Nov 23, 2022	Dec 3, 2025

Severity

CVSS

(AV:A/AC:L/Au:N/C:P/I:N/A:N)

Published

Nov 3, 2020

Added

Nov 23, 2022

Modified

Dec 3, 2025

Description

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.

Solution

oracle-linux-upgrade-kernel

References

CVE-2020-25662
https://attackerkb.com/topics/CVE-2020-25662
ELSA-ELSA-2020-4685
CWE-284
CWE-665

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today