Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2020-27830

Published: 13/05/2021 Updated: 07/09/2021
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Debian Security Advisories: DSA-4843-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of service CVE-2020-27825 Adam pi3 Z ...
Arch Linux Issues:
A security issue was found in the speakup module of the Linux kernel In the spk_ttyio_receive_buf2() function in drivers/accessibility/speakup/spk_ttyioc, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a null pointer dereference crash ...

Mailing Lists

Full Disclosure: Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
Hi, CVE-2020-27830 has been assigned to this issue Regards, Bodong On Mon, Dec 7, 2020 at 6:23 PM John Haxby <johnhaxby () oracle com> wrote: ...
Full Disclosure: Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
Hi, CVE-2020-27830 was assigned on linux-distros by Redhat (It might be good to keep discussions on oss-security after publication to avoid parallel threads) Ciao, Marcus On Mon, Dec 07, 2020 at 07:02:02PM +0800, - Nop wrote: ...

References

CWE-476https://bugzilla.redhat.com/show_bug.cgi?id=1919900http://www.openwall.com/lists/oss-security/2020/12/08/1http://www.openwall.com/lists/oss-security/2020/12/08/4https://www.debian.org/security/2021/dsa-4843https://lists.debian.org/debian-lts-announce/2021/02/msg00018.htmlhttps://security.netapp.com/advisory/ntap-20210625-0004/https://nvd.nist.govhttps://www.debian.org/security/2021/dsa-4843
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316firmwareCVE-2024-30078CVE-2024-5995remote code executionlogic flawCVE-2024-20693CVE-2024-37315CVE-2024-5464
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook