Description
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
Exploits (1)
References (2)
Core 2
Core References
Exploit, Patch, Vendor Advisory x_refsource_misc
https://lkml.org/lkml/2020/6/7/379
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20201218-0002/
Scores
CVSS v3
6.7
EPSS
0.0015
EPSS Percentile
35.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (19)
broadcom/brocade_fabric_operating_system_firmware
linux/linux_kernel
2.6.38 - 4.4.229
netapp/a250_firmware
netapp/a700s_firmware
netapp/aff_500f_firmware
netapp/aff_8300_firmware
netapp/aff_8700_firmware
netapp/aff_a400_firmware
netapp/cloud_backup
netapp/fabric-attached_storage_a400_firmware
... and 9 more
Published
Nov 23, 2020
Tracked Since
Feb 18, 2026