CVE-2020-36776: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

thermal/drivers/cpufreq_cooling: Fix slab OOB issue

Slab OOB issue is scanned by KASAN in cpu_power_to_freq(). If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index.

Return the lowest frequency if limited power cannot find a suitable OPP in EM table to fix this issue.

Backtrace:
[<ffffffd02d2a37f0>] die+0x104/0x5ac
[<ffffffd02d2a5630>] bug_handler+0x64/0xd0
[<ffffffd02d288ce4>] brk_handler+0x160/0x258
[<ffffffd02d281e5c>] do_debug_exception+0x248/0x3f0
[<ffffffd02d284488>] el1_dbg+0x14/0xbc
[<ffffffd02d75d1d4>] __kasan_report+0x1dc/0x1e0
[<ffffffd02d75c2e0>] kasan_report+0x10/0x20
[<ffffffd02d75def8>] __asan_report_load8_noabort+0x18/0x28
[<ffffffd02e6fce5c>] cpufreq_power2state+0x180/0x43c
[<ffffffd02e6ead80>] power_actor_set_power+0x114/0x1d4
[<ffffffd02e6fac24>] allocate_power+0xaec/0xde0
[<ffffffd02e6f9f80>] power_allocator_throttle+0x3ec/0x5a4
[<ffffffd02e6ea888>] handle_thermal_trip+0x160/0x294
[<ffffffd02e6edd08>] thermal_zone_device_check+0xe4/0x154
[<ffffffd02d351cb4>] process_one_work+0x5e4/0xe28
[<ffffffd02d352f44>] worker_thread+0xa4c/0xfac
[<ffffffd02d360124>] kthread+0x33c/0x358
[<ffffffd02d289940>] ret_from_fork+0xc/0x18
AI Analysis
Technical Summary
CVE-2020-36776 is a vulnerability in the Linux kernel's thermal management subsystem, in the CPU frequency cooling driver. The issue arises in the function cpu_power_to_freq(), which maps a power limit to an operating performance point (OPP) in the energy model (EM) table. When the power limit is set below the power consumption of the lowest OPP (OPP0), no OPP in the EM table fits the limit and the function accesses the array with a negative index, causing a slab out-of-bounds (OOB) memory access. Kernel Address Sanitizer (KASAN) detects this as an invalid memory access, which can lead to kernel crashes or undefined behavior, with potential memory corruption.

The kernel patch fixes this by returning the lowest frequency instead of allowing an invalid array index access. The backtrace shows the kernel call stack leading to the fault: the problem occurs during thermal trip handling and power allocation throttling (handle_thermal_trip, power_allocator_throttle, allocate_power, power_actor_set_power, cpufreq_power2state).

This vulnerability affects multiple Linux kernel versions identified by specific commit hashes, and no known exploits are currently reported in the wild. The issue is rooted in kernel memory safety and affects the integrity and availability of the system due to potential kernel panics or crashes caused by the out-of-bounds access.
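The lookup described above, as a user-space model added for illustration (not the kernel's own code): it contrasts a descending search that can end on index -1 with one that stops at OPP0. The table values and the names em_table, opp_index_unchecked, opp_index_clamped and power_to_freq_safe are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample energy-model table, ascending by power (not real hardware data). */
struct opp { unsigned int power_mw; unsigned int freq_khz; };

static const struct opp em_table[] = {
    { 120,  600000 },   /* OPP0: lowest power state */
    { 250, 1000000 },
    { 480, 1400000 },
    { 900, 1800000 },
};
#define NR_OPPS ((int)(sizeof(em_table) / sizeof(em_table[0])))

/* Flawed pattern: walk down from the highest OPP until one fits the budget.
 * If the budget is below OPP0, the loop runs off the front and i ends at -1.
 * Only the index is returned here, so the model never performs the bad read. */
static int opp_index_unchecked(unsigned int power_mw)
{
    int i;
    for (i = NR_OPPS - 1; i >= 0; i--)
        if (power_mw >= em_table[i].power_mw)
            break;
    return i;
}

/* Hardened pattern: stop at index 0, so OPP0 is the fallback when nothing fits. */
static int opp_index_clamped(unsigned int power_mw)
{
    int i;
    for (i = NR_OPPS - 1; i > 0; i--)
        if (power_mw >= em_table[i].power_mw)
            break;
    return i;
}

/* Safe lookup: the index is always within [0, NR_OPPS - 1]. */
static unsigned int power_to_freq_safe(unsigned int power_mw)
{
    return em_table[opp_index_clamped(power_mw)].freq_khz;
}

int main(void)
{
    unsigned int budgets[] = { 1000, 480, 300, 119, 0 };  /* constructed inputs */
    for (size_t n = 0; n < sizeof(budgets) / sizeof(budgets[0]); n++)
        printf("budget=%u mW unchecked_idx=%d clamped_idx=%d freq=%u kHz\n",
               budgets[n], opp_index_unchecked(budgets[n]),
               opp_index_clamped(budgets[n]), power_to_freq_safe(budgets[n]));
    return 0;
}
```

The two searches agree for every budget at or above OPP0's power; they differ only in the below-OPP0 case, which is the input the KASAN report corresponds to.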
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running vulnerable Linux kernel versions, especially those deployed in environments where thermal management and CPU frequency scaling are critical, such as data centers, cloud infrastructure, and embedded systems. Exploitation could lead to kernel crashes, resulting in denial of service (DoS) conditions that disrupt business operations, especially for services relying on Linux-based servers or network devices. While there is no evidence of remote exploitation or privilege escalation, the instability caused by this bug could affect system availability and reliability. Organizations in sectors with high uptime requirements, such as finance, telecommunications, and critical infrastructure, could experience operational impacts. Additionally, embedded Linux devices used in industrial control systems or IoT deployments in Europe might be affected if they use vulnerable kernel versions. Although no known exploits exist, the presence of this vulnerability increases the attack surface and could be leveraged in combination with other vulnerabilities to escalate impact.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernel to versions where this vulnerability is patched. Since the issue is related to specific commit hashes, applying the latest stable kernel releases or vendor-provided security patches that address CVE-2020-36776 is essential. For embedded or custom Linux distributions, recompiling the kernel with the fix is recommended. Additionally, organizations should audit their systems to identify those running affected kernel versions, especially in critical infrastructure and cloud environments. Implementing kernel hardening techniques such as enabling KASAN in testing environments can help detect similar issues early. Monitoring system logs for thermal trip events and kernel warnings may provide early indicators of exploitation attempts or instability. Where possible, restricting access to systems with vulnerable kernels and limiting user privileges can reduce the risk of exploitation. Finally, maintaining robust backup and recovery procedures will mitigate downtime in case of crashes caused by this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-02-26T17:07:27.434Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9821c4522896dcbddf96
Added to database: 5/21/2025, 9:08:49 AM
Last enriched: 6/28/2025, 4:39:57 AM
Last updated: 7/26/2025, 3:22:24 AM