Vulnerability Details : CVE-2020-27786
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Vulnerability category: Memory CorruptionGain privilege
Threat overview for CVE-2020-27786
Top countries where our scanners detected CVE-2020-27786
Top open port discovered on systems with this issue
53
IPs affected by CVE-2020-27786 718,910
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2020-27786!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2020-27786
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2020-27786
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2020-27786
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: secalert@redhat.com (Primary)
References for CVE-2020-27786
-
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Vendor Advisory
-
http://www.openwall.com/lists/oss-security/2020/12/03/1
oss-security - Re: Linux Kernel: ALSA: use-after-free Write in snd_rawmidi_kernel_write1Mailing List
-
https://security.netapp.com/advisory/ntap-20210122-0002/
CVE-2020-27786 Linux Kernel Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1900933
1900933 – (CVE-2020-27786) CVE-2020-27786 kernel: use-after-free in kernel midi subsystemIssue Tracking;Patch;Third Party Advisory
Products affected by CVE-2020-27786
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*