CVE-2020-27820

A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

History

30 Jan 2024, 20:48

Type Values Removed Values Added
First Time Oracle communications Cloud Native Core Policy
Oracle communications Cloud Native Core Network Exposure Function
Oracle communications Cloud Native Core Binding Support Function
Oracle
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
References (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory
References (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - Mailing List, Vendor Advisory

Information

Published : 2021-11-03 00:15

Updated : 2024-02-28 18:48


NVD link : CVE-2020-27820

Mitre link : CVE-2020-27820

CVE.ORG link : CVE-2020-27820


JSON object : View

Products Affected

oracle

  • communications_cloud_native_core_policy
  • communications_cloud_native_core_network_exposure_function
  • communications_cloud_native_core_binding_support_function

linux

  • linux_kernel

fedoraproject

  • fedora
CWE
CWE-416

Use After Free