CVE-2020-27820
CVE-2020-27820
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
02 Nov 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
Affected products
n/a · kernelReferences
https://bugzilla.redhat.com/show_bug.cgi?id=1901726https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/https://www.oracle.com/security-alerts/cpujul2022.html