What is CVE-2020-35513?

CVE-2020-35513 is a vulnerability in Kernel, classified under Privilege Dropping / Lowering Errors. Published 2021-01-25.

Is CVE-2020-35513 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Kernel

CVE-2020-35513

A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by…

EPSS: 0.003 (55.1th percentile) — read the EPSS interpretation.

Affected products

N/a Kernel — versions before kernel 4.17-rc1

Weakness classification (CWE)

CWE-271 — Privilege Dropping / Lowering Errors

Public proof-of-concept exploits

vincent-deng/veracode-container-security-finding-parser

References

bugzilla.redhat.com/show_bug.cgi (x_refsource_MISC)
patchwork.kernel.org/project/linux-nfs/patch/20180403203916.GH20297@fieldses.or… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-35513?: CVE-2020-35513 is a vulnerability in Kernel, classified under Privilege Dropping / Lowering Errors. Published 2021-01-25.
Is CVE-2020-35513 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.