Lucene search

K
cveRedhatCVE-2020-27777
HistoryDec 15, 2020 - 5:15 p.m.

CVE-2020-27777

2020-12-1517:15:14
CWE-862
redhat
web.nvd.nist.gov
353
cve-2020-27777
rtas
memory access
userspace
kernel communication
local user privilege
powervm
kvm hypervisor
pseries platform
nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.1%

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

Affected configurations

Nvd
Vulners
Node
linuxlinux_kernelRange<4.14.204
OR
linuxlinux_kernelRange4.154.19.155
OR
linuxlinux_kernelRange4.205.4.75
OR
linuxlinux_kernelRange5.55.9.5
Node
redhatopenshift_container_platformMatch4.4
OR
redhatopenshift_container_platformMatch4.5
OR
redhatopenshift_container_platformMatch4.6
OR
redhatenterprise_linuxMatch5.0
OR
redhatenterprise_linuxMatch6.0
OR
redhatenterprise_linuxMatch7.0
OR
redhatenterprise_linuxMatch8.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
redhatopenshift_container_platform4.4cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*
redhatopenshift_container_platform4.5cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*
redhatopenshift_container_platform4.6cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*
redhatenterprise_linux5.0cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
redhatenterprise_linux6.0cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
redhatenterprise_linux7.0cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "kernel 5.10-rc1"
      }
    ]
  }
]

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.1%