CVE-2020-27830 — NULL Pointer Dereference in Kernel
Severity
5.5MEDIUMNVD
OSV7.8OSV4.1
EPSS
0.1%
top 65.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 13
Latest updateMay 24
Description
A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
Also affects: Debian Linux 10.0, 9.0
Patches
🔴Vulnerability Details
6GHSA▶
GHSA-w2vj-j8wh-3c7w: A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whethe↗2022-05-24
OSV▶
CVE-2020-27830: A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whethe↗2021-05-13
OSV▶
linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities↗2021-02-25
OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabil↗2021-02-25