CVE-2020-27786

HIGH

Linux Kernel < 4.4.224 - Use After Free

Title source: rule
STIX 2.1

Description

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Exploits (4)

nomisec WORKING POC 10 stars
by kiks7 · poc
https://github.com/kiks7/CVE-2020-27786-Kernel-Exploit
nomisec WORKING POC 5 stars
by ii4gsp · poc
https://github.com/ii4gsp/CVE-2020-27786
nomisec WRITEUP
by Trinadh465 · poc
https://github.com/Trinadh465/linux-4.19.72_CVE-2020-27786
nomisec STUB
by elbiazo · poc
https://github.com/elbiazo/CVE-2020-27786

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2020/12/03/1
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1900933
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210122-0002/

Scores

CVSS v3 7.8
EPSS 0.0662
EPSS Percentile 91.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (9)
linux/linux_kernel < 4.4.224
netapp/cloud_backup
netapp/solidfire_baseboard_management_controller
redhat/enterprise_linux 7.0
redhat/enterprise_linux 8.0
redhat/enterprise_mrg 2.0
redhat/openshift_container_platform 4.4
redhat/openshift_container_platform 4.5
redhat/openshift_container_platform 4.6
Published Dec 11, 2020
Tracked Since Feb 18, 2026