CVE-2020-27152
First published: Sun Aug 02 2020(Updated: )
A stack overflow flaw via an infinite loop condition issue was found in the KVM hypervisor of the Linux kernel. This flaw occurs while processing interrupts because the IRQ state is erroneously set. This flaw allows a guest user to crash the host kernel, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-240.22.1.rt7.77.el8_3 | 0:4.18.0-240.22.1.rt7.77.el8_3 |
| redhat/kernel | <0:4.18.0-240.22.1.el8_3 | 0:4.18.0-240.22.1.el8_3 |
| redhat/Linux | <5.10 | 5.10 |
| Linux Kernel | <5.9.2 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.135-1 6.12.25-1 6.12.27-1 |
Remedy
Disabling APICV by setting the kvm_intel.enable_apicv=0 parameter helps to avoid this situation.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-27152 https://nvd.nist.gov/vuln/detail/CVE-2020-27152 https://bugzilla.kernel.org/show_bug.cgi?id=208767 https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da https://www.openwall.com/lists/oss-security/2020/11/03/1
- https://bugzilla.redhat.com/show_bug.cgi?id=1888886
- https://access.redhat.com/errata/RHSA-2021:1081
- https://access.redhat.com/errata/RHSA-2021:1093
- https://access.redhat.com/security/cve/cve-2020-27152
- http://www.openwall.com/lists/oss-security/2020/11/03/1
- https://bugzilla.kernel.org/show_bug.cgi?id=208767
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77377064c3a94911339f13ce113b3abf265e06da
- https://launchpad.net/bugs/cve/CVE-2020-27152
- https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da
- https://www.openwall.com/lists/oss-security/2020/11/03/1
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1888887
- https://security-tracker.debian.org/tracker/CVE-2020-27152
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27152
- https://nvd.nist.gov/vuln/detail/CVE-2020-27152
- https://ubuntu.com/security/CVE-2020-27152
Frequently Asked Questions
What is the severity of CVE-2020-27152?
CVE-2020-27152 is classified with a high severity rating due to its potential to cause denial of service.
How can I fix CVE-2020-27152?
To fix CVE-2020-27152, update your Linux kernel to version 0:4.18.0-240.22.1.rt7.77.el8_3 or later, or to 5.10.223-1 or later, as recommended.
Which systems are affected by CVE-2020-27152?
CVE-2020-27152 affects various Linux kernel versions, specifically those prior to 5.10.
What impact does CVE-2020-27152 have on system performance?
CVE-2020-27152 can lead to a stack overflow, resulting in the crashing of the host kernel and overall system instability.
Is CVE-2020-27152 remote exploit opportunity?
Yes, CVE-2020-27152 can be exploited by a guest user to crash the host, leading to a denial of service.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-27152
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/remedy
- agent/references
- agent/description
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- package-manager/debian