CVE-2020-27820

A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:21

Type Values Removed Values Added
References () https://bugzilla.redhat.com/show_bug.cgi?id=1901726 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=1901726 - Issue Tracking, Patch, Third Party Advisory
References () https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - Mailing List, Vendor Advisory () https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References () https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - Mailing List, Vendor Advisory () https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References () https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - Mailing List, Vendor Advisory () https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References () https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory () https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory

30 Jan 2024, 20:48

Type Values Removed Values Added
First Time Oracle communications Cloud Native Core Policy
Oracle communications Cloud Native Core Network Exposure Function
Oracle communications Cloud Native Core Binding Support Function
Oracle
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
References (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory
References (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ - Mailing List, Vendor Advisory
References (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - (MISC) https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ - Mailing List, Vendor Advisory

Information

Published : 2021-11-03 00:15

Updated : 2024-11-21 05:21


NVD link : CVE-2020-27820

Mitre link : CVE-2020-27820

CVE.ORG link : CVE-2020-27820


JSON object : View

Products Affected

oracle

  • communications_cloud_native_core_policy
  • communications_cloud_native_core_binding_support_function
  • communications_cloud_native_core_network_exposure_function

linux

  • linux_kernel

fedoraproject

  • fedora
CWE
CWE-416

Use After Free