CVE-2020-27784
SUSE Security Advisory - SUSE-SU-2022:3264-1
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().
Se encontró una vulnerabilidad en el kernel de Linux, donde al acceder a una instancia desasignada en printer_ioctl() printer_ioctl() intenta acceder a una instancia de printer_dev. Sin embargo, es producido un uso de memoria previamente liberada porque había sido liberada por la función gprinter_free()
An update that solves 26 vulnerabilities, contains two features and has 89 fixes is now available. The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bug fixes.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-10-27 CVE Reserved
- 2022-09-01 CVE Published
- 2024-08-04 CVE Updated
- 2025-06-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-201: Insertion of Sensitive Information Into Sent Data
- CWE-416: Use After Free
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8d5f92b8d30bb4ade76494490c3c065e12411b1 | 2023-05-16 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.1 < 4.4.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.1 < 4.4.241" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.9.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.241" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 4.19.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.19.154" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.73 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.73" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.8.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.8.17" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.9.0 < 5.9.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9.0 < 5.9.2" | - |
Affected
| ||||||