Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-27786

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Published

2020-12-11T05:15:12.263

Last Modified

2024-11-21T05:21:49.943

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 4.4.224	Yes
Operating System	linux	linux_kernel	< 4.9.224	Yes
Operating System	linux	linux_kernel	< 4.14.181	Yes
Operating System	linux	linux_kernel	< 4.19.124	Yes
Operating System	linux	linux_kernel	< 5.4.42	Yes
Operating System	linux	linux_kernel	< 5.6.14	Yes
Application	redhat	openshift_container_platform	4.4	Yes
Application	redhat	openshift_container_platform	4.5	Yes
Application	redhat	openshift_container_platform	4.6	Yes
Operating System	redhat	enterprise_linux	7.0	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_mrg	2.0	Yes
Application	netapp	cloud_backup	-	Yes
Hardware	netapp	solidfire_baseboard_management_controller	-	Yes

References

http://www.openwall.com/lists/oss-security/2020/12/03/1 Mailing List ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=1900933 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d Patch, Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20210122-0002/ Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2020/12/03/1 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1900933 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20210122-0002/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)