A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1901726 | Issue Tracking Patch Third Party Advisory |
https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ | Mailing List Vendor Advisory |
https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ | Mailing List Vendor Advisory |
https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ | Mailing List Vendor Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
30 Jan 2024, 20:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oracle communications Cloud Native Core Policy
Oracle communications Cloud Native Core Network Exposure Function Oracle communications Cloud Native Core Binding Support Function Oracle |
|
CPE | cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:* |
|
References | (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - Mailing List, Vendor Advisory | |
References | (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory | |
References | (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - Mailing List, Vendor Advisory | |
References | (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - Mailing List, Vendor Advisory |
Information
Published : 2021-11-03 00:15
Updated : 2024-02-28 18:48
NVD link : CVE-2020-27820
Mitre link : CVE-2020-27820
CVE.ORG link : CVE-2020-27820
JSON object : View
Products Affected
oracle
- communications_cloud_native_core_policy
- communications_cloud_native_core_network_exposure_function
- communications_cloud_native_core_binding_support_function
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-416
Use After Free