1. Home
  2. Vulnerabilities
  3. CVE-2020-27815

CVE-2020-27815

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 6.1 (Medium)
61% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 22
Advisories 24
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2021-05-26 13:15:07
(3 years ago)
Updated Date
2023-07-28 19:32:18
(13 months ago)

Affected Products

Debian

Linux

Netapp

Configuration #1

AND
    CPE23 From Up To
OR  
  Linux Kernel above 4.4.249 version cpe:2.3:o:linux:linux_kernel > 4.4.249
OR  
  Running on/with
  Linux Kernel from 4.5 version and prior 4.9.249 version cpe:2.3:o:linux:linux_kernel >= 4.5 < 4.9.249
OR  
  Running on/with
  Linux Kernel from 4.10 version and prior 4.14.213 version cpe:2.3:o:linux:linux_kernel >= 4.10 < 4.14.213
OR  
  Running on/with
  Linux Kernel from 4.15 version and prior 4.19.164 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.164
OR  
  Running on/with
  Linux Kernel from 4.20 version and prior 5.4.86 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.86
OR  
  Running on/with
  Linux Kernel from 5.5 version and prior 5.10.4 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.10.4

Configuration #2

AND
    CPE23 From Up To
OR  
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0
OR  
  Running on/with
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

AND
    CPE23 From Up To
OR  
  Netapp H300s Firmware cpe:2.3:o:netapp:h300s_firmware:-
OR  
  Running on/with
  Netapp H300s cpe:2.3:h:netapp:h300s:-

Configuration #4

AND
    CPE23 From Up To
OR  
  Netapp H500s Firmware cpe:2.3:o:netapp:h500s_firmware:-
OR  
  Running on/with
  Netapp H500s cpe:2.3:h:netapp:h500s:-

Configuration #5

AND
    CPE23 From Up To
OR  
  Netapp H700s Firmware cpe:2.3:o:netapp:h700s_firmware:-
OR  
  Running on/with
  Netapp H700s cpe:2.3:h:netapp:h700s:-

Configuration #6

AND
    CPE23 From Up To
OR  
  Netapp H300e Firmware cpe:2.3:o:netapp:h300e_firmware:-
OR  
  Running on/with
  Netapp H300e cpe:2.3:h:netapp:h300e:-

Configuration #7

AND
    CPE23 From Up To
OR  
  Netapp H500e Firmware cpe:2.3:o:netapp:h500e_firmware:-
OR  
  Running on/with
  Netapp H500e cpe:2.3:h:netapp:h500e:-

Configuration #8

AND
    CPE23 From Up To
OR  
  Netapp H700e Firmware cpe:2.3:o:netapp:h700e_firmware:-
OR  
  Running on/with
  Netapp H700e cpe:2.3:h:netapp:h700e:-

Configuration #9

AND
    CPE23 From Up To
OR  
  Netapp H410s Firmware cpe:2.3:o:netapp:h410s_firmware:-
OR  
  Running on/with
  Netapp H410s cpe:2.3:h:netapp:h410s:-

Configuration #10

AND
    CPE23 From Up To
OR  
  Netapp H410c Firmware cpe:2.3:o:netapp:h410c_firmware:-
OR  
  Running on/with
  Netapp H410c cpe:2.3:h:netapp:h410c:-

Configuration #11

AND
    CPE23 From Up To
OR  
  Netapp Aff A250 Firmware cpe:2.3:o:netapp:aff_a250_firmware:-
OR  
  Running on/with
  Netapp Aff A250 cpe:2.3:h:netapp:aff_a250:-

Configuration #12

AND
    CPE23 From Up To
OR  
  Netapp Fas500f Firmware cpe:2.3:o:netapp:fas500f_firmware:-
OR  
  Running on/with
  Netapp Fas500f cpe:2.3:h:netapp:fas500f:-