CVE-2020-27815

Name
CVE-2020-27815
Description
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://www.openwall.com/lists/oss-security/2020/11/30/5,
MISC https://www.openwall.com/lists/oss-security/2020/12/28/1,
MLIST http://www.openwall.com/lists/oss-security/2020/11/30/5
MISC https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c
DEBIAN https://www.debian.org/security/2021/dsa-4843
MISC https://bugzilla.redhat.com/show_bug.cgi?id=1897668,
MLIST http://www.openwall.com/lists/oss-security/2020/12/28/1
MLIST https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html
MLIST https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
CONFIRM https://security.netapp.com/advisory/ntap-20210702-0004/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:5.9.6:*:*:*:*:*:*:* linux_kernel == None == 5.9.6

Vulnerable and fixed packages

Source package Branch Version Maintainer Status