CVE-2020-27777Missing Authorization in Kernel

CWE-862Missing Authorization11 documents8 sources
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 92.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelRedhat Enterprise LinuxRedhat Openshift Container Platform
Timeline
PublishedDec 15
Latest updateMay 24

Description

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel4.154.19.155+3
Debianlinux/linux_kernel< 5.9.6-1+3
CVEListV5linux/linux_kernelkernel 5.10-rc1

Also affects: Openshift Container Platform 4.4, 4.5, 4.6, Enterprise Linux 5.0, 6.0, 7.0, 8.0

Patches

Patch: bugzilla.redhat.comPatch: git.kernel.orgPatch: www.openwall.com

🔴Vulnerability Details

3
GHSA
GHSA-w5hm-w8cx-wrwr: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication2022-05-24
OSV
CVE-2020-27777: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication2020-12-15
CVEList
CVE-2020-27777: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication2020-12-15

📋Vendor Advisories

7
Ubuntu
Linux kernel vulnerabilities2021-02-25
Ubuntu
Linux kernel vulnerabilities2021-01-28
Ubuntu
Linux kernel vulnerabilities2021-01-06
Ubuntu
Linux kernel vulnerabilities2021-01-06
Microsoft
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (2020-12-08
CVE-2020-27777 — Missing Authorization in Linux Kernel | cvebase