Vulnerabilities > CVE-2020-27825

CVSS 5.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

local

high complexity

NVD

Published: 2020-12-11

Updated: 2024-11-21

Summary

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.10	1
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0 Redhat Enterprise MRG 2.0	3
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0	2
OS	Netapp Netapp Solidfire Baseboard Management Controller Firmware - Netapp H410C Firmware -	2
Application	Netapp Netapp Cloud Backup -	1
Hardware	Netapp Netapp Solidfire Baseboard Management Controller - Netapp H410C -	2

Vulnerabilities > CVE-2020-27825 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-27825"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-27825