CVE-2020-27815
CVE-2020-27815
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
26 May 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Affected products
n/a · Linux KernelWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.redhat.com/show_bug.cgi?id=1897668%2Chttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6chttps://lists.debian.org/debian-lts-announce/2021/02/msg00018.htmlhttps://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlhttps://security.netapp.com/advisory/ntap-20210702-0004/https://www.debian.org/security/2021/dsa-4843https://www.openwall.com/lists/oss-security/2020/11/30/5%2Chttps://www.openwall.com/lists/oss-security/2020/12/28/1%2Chttp://www.openwall.com/lists/oss-security/2020/11/30/5http://www.openwall.com/lists/oss-security/2020/12/28/1