CVE-2020-27786 vulnerability in Red Hat and Other Products
Published on December 11, 2020
A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2020-27786 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2020-27786
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-27786 are published in these products:
Exploit Probability
EPSS
9.89%
Percentile
92.89%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.