A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1901726 | Issue Tracking Patch Third Party Advisory |
https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ | Mailing List Vendor Advisory |
https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ | Mailing List Vendor Advisory |
https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ | Mailing List Vendor Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
30 Jan 2024, 20:48
Type | Values Removed | Values Added |
---|---|---|
References | () https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - Mailing List, Vendor Advisory | |
References | () https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - Mailing List, Vendor Advisory | |
References | () https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - Mailing List, Vendor Advisory | |
References | () https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory | |
First Time |
Oracle
Oracle communications Cloud Native Core Policy Oracle communications Cloud Native Core Network Exposure Function Oracle communications Cloud Native Core Binding Support Function |
|
CPE | cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
12 Feb 2023, 23:40
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Feb 2023, 21:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jul 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Nov 2021, 17:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : 4.7
v3 : 4.7 |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
References | (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/ - Mailing List, Patch, Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1901726 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/ - Mailing List, Patch, Vendor Advisory | |
References | (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/ - Exploit, Mailing List, Patch, Vendor Advisory |
03 Nov 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-03 00:15
Updated : 2024-01-30 20:48
NVD link : CVE-2020-27820
Mitre link : CVE-2020-27820
CVE.ORG link : CVE-2020-27820
JSON object : View
Products Affected
fedoraproject
- fedora
oracle
- communications_cloud_native_core_policy
- communications_cloud_native_core_network_exposure_function
- communications_cloud_native_core_binding_support_function
linux
- linux_kernel
CWE
CWE-416
Use After Free