QwikSec

Security Database

CVE

CWE

Training

CVE-2020-27815

Published: May 26, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Vendor	Product	Versions
n/a	Linux Kernel	affected `5.9.6`

Weaknesses (CWE)

References

[oss-security] 20201201 CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree

mailing-list

x_refsource_MLIST

[oss-security] 20201228 Re: CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=1897668%2C

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2020/11/30/5%2C

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2020/12/28/1%2C

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210702-0004/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.