CVE-2020-27675

Updated: 2024-11-30 03:01:18.506886

Description:

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.7
CVSS Version 3.x MEDIUM 4.7

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS kernel 2.6.32 4.7 MEDIUM Ignored 2024-05-06 17:20:43
CloudLinux 6 ELS kernel 2.6.32 4.7 MEDIUM Ignored 2024-05-06 17:20:43
Oracle Linux 6 ELS kernel 2.6.32 4.7 MEDIUM Ignored 2024-05-06 21:56:27
Ubuntu 16.04 ELS linux 4.4.0 4.7 MEDIUM Not Vulnerable 2022-04-26 13:02:57
Ubuntu 16.04 ELS linux-hwe 4.15.0 4.7 MEDIUM Ignored 2022-09-28 08:02:32