Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-27777

Опубликовано: 15 дек. 2020
Источник: nvd
CVSS3: 6.7
CVSS2: 7.2
EPSS Низкий

Описание

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 4.14.204 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.15 (включая) до 4.19.155 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.20 (включая) до 5.4.75 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.9.5 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 5%
0.00025
Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-862

Связанные уязвимости

ubuntu логотип

CVE-2020-27777

CVSS3: 6.7
ubuntu
больше 4 лет назад

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

redhat логотип

CVE-2020-27777

CVSS3: 6.4
redhat
больше 4 лет назад

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

msrc логотип

CVE-2020-27777

CVSS3: 6.7
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-27777

CVSS3: 6.7
debian
больше 4 лет назад

A flaw was found in the way RTAS handled memory accesses in userspace ...

github логотип

GHSA-w5hm-w8cx-wrwr

CVSS3: 6.7
github
около 3 лет назад

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

EPSS

Процентиль: 5%
0.00025
Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-862