CVE-2020-27786

HIGH

Description

A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue an ioctl commands to midi devices, could trigger a use-after-free. A write to this specific memory while freed and before use could cause the flow of execution to change and possibly allow for memory corruption or privilege escalation.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1900933

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d

https://security.netapp.com/advisory/ntap-20210122-0002/

Details

Source: MITRE

Published: 2020-12-11

Updated: 2021-01-26

Type: CWE-416

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:5.7:rc6:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
148041EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-1684)NessusHuawei Local Security Checks
high
147875SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0835-1)NessusSuSE Local Security Checks
high
147871SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0870-1)NessusSuSE Local Security Checks
high
147690EulerOS : kernel (EulerOS-SA-2021-1642)NessusHuawei Local Security Checks
high
147588EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1386)NessusHuawei Local Security Checks
high
147512EulerOS : kernel (EulerOS-SA-2021-1604)NessusHuawei Local Security Checks
high
146701EulerOS 2.0 SP2 : kernel (EulerOS-SA-2021-1311)NessusHuawei Local Security Checks
high
146511SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1)NessusSuSE Local Security Checks
high
146476SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0437-1)NessusSuSE Local Security Checks
high
146474SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1)NessusSuSE Local Security Checks
high
146470SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0434-1)NessusSuSE Local Security Checks
high
146282openSUSE Security Update : RT kernel (openSUSE-2021-242)NessusSuSE Local Security Checks
high
146248OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0005)NessusOracleVM Local Security Checks
high
146096Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9030)NessusOracle Linux Local Security Checks
high
145726EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1148)NessusHuawei Local Security Checks
high
145320openSUSE Security Update : the Linux Kernel (openSUSE-2021-60)NessusSuSE Local Security Checks
high
145287openSUSE Security Update : the Linux Kernel (openSUSE-2021-75)NessusSuSE Local Security Checks
high
145120SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0133-1)NessusSuSE Local Security Checks
high
145025SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0117-1)NessusSuSE Local Security Checks
high
145018SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0118-1)NessusSuSE Local Security Checks
high
144914SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0098-1)NessusSuSE Local Security Checks
high
144693EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1028)NessusHuawei Local Security Checks
high
144687EulerOS : kernel (EulerOS-SA-2021-1009)NessusHuawei Local Security Checks
high
144259SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3798-1)NessusSuSE Local Security Checks
high
144143SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3764-1)NessusSuSE Local Security Checks
high