Support Content Notification - Support Portal

CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21241

Last Updated

13 September 2022

Initial Publication Date

13 September 2022

Status

Closed

Severity

Low

CVSS Base Score

Base Score: 3.3 - LOW - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

WorkAround

N/A

Affected CVE

CVE-2020-29371

Summary

Security Advisory ID : BSA-2022-1195

Component : Kernel

Revision : 1.0

An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.

Notes:

Brocade Fabric OS does not utilize the problematic code. Brocade Fabric OS is Not Affected by this vulnerability. Security updates are provided in Brocade Fabric OS version v9.1.0 to remove the vulnerable component.

Products Confirmed Not Vulnerable

No other Brocade Fibre Channel Products from Broadcom products are known to be affected by this vulnerability.

Solution

A security update was provided in Brocade Fabric OS v9.1.0 to remove the vulnerable components.

Revision History

Version	Change	Date
1.0	Initial Publication	Sept 13, 2022