CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-27835

A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.9%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 4.9

References

https://bugzilla.redhat.com/show_bug.cgi?id=1901709
https://bugzilla.redhat.com/show_bug.cgi?id=1901709

Products affected by CVE-2020-27835

Linux » Infiniband Hfi1 Driver » Version: Any

cpe:2.3:a:linux:infiniband_hfi1_driver:*
Linux » Infiniband Hfi1 Driver » Version: 5.10

cpe:2.3:a:linux:infiniband_hfi1_driver:5.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27835

Products

Pricing

Contact Us