Vulnerability Details : CVE-2020-27820
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
Exploit prediction scoring system (EPSS) score for CVE-2020-27820
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 12 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2020-27820
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.7
|
MEDIUM | AV:L/AC:M/Au:N/C:N/I:N/A:C |
3.4
|
6.9
|
NIST |
|
4.7
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.0
|
3.6
|
NIST |
CWE ids for CVE-2020-27820
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2020-27820
-
https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/
[PATCH 2/3] drm/nouveau: Add a dedicated mutex for the clients list - Jeremy ClineMailing List;Vendor Advisory
-
https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/
[PATCH 1/3] drm/nouveau: use drm_dev_unplug() during device removal - Jeremy ClineMailing List;Vendor Advisory
-
https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/
[PATCH 3/3] drm/nouveau: clean up all clients on device removal - Jeremy ClineMailing List;Vendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1901726
Issue Tracking;Patch;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpujul2022.html
Oracle Critical Patch Update Advisory - July 2022Third Party Advisory
Products affected by CVE-2020-27820
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*