A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2020/11/30/5 | Exploit Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2020/12/28/1 | Exploit Mailing List Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1897668%2C | Issue Tracking |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c | Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210702-0004/ | Third Party Advisory |
https://www.debian.org/security/2021/dsa-4843 | Third Party Advisory |
https://www.openwall.com/lists/oss-security/2020/11/30/5%2C | Mailing List |
https://www.openwall.com/lists/oss-security/2020/12/28/1%2C | Mailing List |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2021-05-26T12:18:11
Updated: 2021-07-02T11:06:54
Reserved: 2020-10-27T00:00:00
Link: CVE-2020-27815
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-26T13:15:07.647
Modified: 2023-07-28T19:32:18.583
Link: CVE-2020-27815
JSON object: View
Redhat Information
No data.