{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T23:35:19.688","vulnerabilities":[{"cve":{"id":"CVE-2020-27786","sourceIdentifier":"secalert@redhat.com","published":"2020-12-11T05:15:12.263","lastModified":"2024-11-21T05:21:49.943","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."},{"lang":"es","value":"Se encontró un fallo en la implementación de MIDI en el kernel de Linux, donde un atacante con una cuenta local y los permisos para emitir comandos ioctl a dispositivos midi podría desencadenar un problema de uso después de la liberación. Una escritura en esta memoria específica mientras está liberada y antes de su uso hace que el flujo de ejecución cambie y posiblemente permita la corrupción de memoria o la escalada de privilegios. La mayor amenaza de esta vulnerabilidad es para la confidencialidad, la integridad y la disponibilidad del sistema"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.224","matchCriteriaId":"C371AE92-D5FD-45E1-91D6-0EE05FA6D21C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"4.9.224","matchCriteriaId":"AA91BF70-8648-4C4E-B605-538BF8A2FC27"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.14.181","matchCriteriaId":"06E32062-F304-482F-AF76-B675892181D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.124","matchCriteriaId":"16360395-8BB9-4929-ABD9-D4EEC5DF1F8D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.42","matchCriteriaId":"514407C3-9A5E-4685-88D0-F8106DA8361E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.6.14","matchCriteriaId":"FA9116AC-779C-4BE7-92D1-757CC91A2355"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*","matchCriteriaId":"44C5E433-229C-4BB9-8481-8A74AFA8DB8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*","matchCriteriaId":"D432C063-0805-4151-A819-508FE8954101"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*","matchCriteriaId":"6B62E762-2878-455A-93C9-A5DB430D7BB5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*","matchCriteriaId":"C60FA8B1-1802-4522-A088-22171DCF7A93"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","matchCriteriaId":"5C2089EE-5D7F-47EC-8EA5-0F69790564C4"},{"vulnerable":true,"criteria":"cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*","matchCriteriaId":"090AA6F4-4404-4E26-82AB-C3A22636F276"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2020/12/03/1","source":"secalert@redhat.com","tags":["Mailing List"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900933","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210122-0002/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2020/12/03/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900933","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210122-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}