Back to bug 1900933
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Wade Mealing | 2020-11-24 03:00:30 UTC | CC | security-response-team | |
| Wade Mealing | 2020-11-24 04:18:08 UTC | CC | acaringi, bhu, bmasney, brdeoliv, dhoward, dvlasenk, fhrbata, hkrzesin, jshortt, jstancek, nmurray, ptalbert, rvrbovsk, walters | |
| Wade Mealing | 2020-11-24 04:18:46 UTC | CC | jlelli, kcarcia, lgoncalv, qzhao, williams | |
| Wade Mealing | 2020-11-24 04:21:51 UTC | CC | blc, mlangsdo | |
| Wade Mealing | 2020-11-24 04:48:36 UTC | Doc Text | A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue an ioctl commands to midi devices, could trigger a use-after-free. A write to this specific memory while freed and before use could cause the flow of execution to change and possibly allow for memory corruption or privilege escalation. | |
| Wade Mealing | 2020-11-24 04:57:18 UTC | Priority | medium | high |
| Severity | medium | high | ||
| Wade Mealing | 2020-11-24 05:02:35 UTC | Depends On | 1900954, 1900951, 1900953, 1900952, 1900957, 1900950, 1900949, 1900956, 1900955, 1900958, 1900948 | |
| Dhananjay Arunesh | 2020-11-25 21:38:48 UTC | Summary | EMBARGOED kernel: use-after-free in kernel midi subsystem | EMBARGOED CVE-2020-27786 kernel: use-after-free in kernel midi subsystem |
| Alias | CVE-2020-27786 | |||
| Petr Matousek | 2020-11-26 16:01:11 UTC | CC | esammons, iboverma, jross, mcressma | |
| Wade Mealing | 2020-11-30 01:53:09 UTC | Priority | high | medium |
| Severity | high | medium | ||
| Wade Mealing | 2020-11-30 01:54:26 UTC | CC | jkysela | |
| Wade Mealing | 2020-11-30 02:22:49 UTC | Depends On | 1900948, 1900949, 1900950, 1900951, 1900952, 1900953, 1900954, 1900955, 1900956, 1900957, 1900958 | |
| Wade Mealing | 2020-11-30 02:28:29 UTC | Depends On | 1902539 | |
| Wade Mealing | 2020-11-30 02:28:54 UTC | Depends On | 1902542 | |
| Wade Mealing | 2020-11-30 02:29:04 UTC | Depends On | 1902540 | |
| Wade Mealing | 2020-11-30 02:29:11 UTC | Depends On | 1902541 | |
| Wade Mealing | 2020-11-30 02:29:56 UTC | Group | redhat | |
| Wade Mealing | 2020-12-03 03:48:43 UTC | Group | redhat, security, qe_staff | |
| CC | adscvr, airlied, bskeggs, hdegoede, itamar, jarodwilson, jeremy, jforbes, jglisse, jonathan, josef, jwboyer, kernel-maint, kernel-mgr, linville, masami256, mchehab, mjg59, rt-maint, steved | |||
| Summary | EMBARGOED CVE-2020-27786 kernel: use-after-free in kernel midi subsystem | CVE-2020-27786 kernel: use-after-free in kernel midi subsystem | ||
| Wade Mealing | 2020-12-03 03:49:14 UTC | Depends On | 1903894 | |
| Wade Mealing | 2020-12-03 06:38:46 UTC | Comment | 6 | updated |
| Michael Kaplan | 2020-12-10 11:02:20 UTC | Fixed In Version | kernel 5.7-rc6 | |
| RaTasha Tillery-Smith | 2020-12-15 14:02:42 UTC | Doc Text | A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue an ioctl commands to midi devices, could trigger a use-after-free. A write to this specific memory while freed and before use could cause the flow of execution to change and possibly allow for memory corruption or privilege escalation. | A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| Wade Mealing | 2021-01-11 05:25:54 UTC | Depends On | 1914738 | |
| Tomas Hoger | 2021-01-12 13:38:11 UTC | Depends On | 1900948, 1900949, 1900950, 1900951, 1900952, 1900953, 1900954, 1900955, 1900956, 1900957, 1900958 | |
| Marian Rehak | 2021-05-11 15:09:15 UTC | Blocks | 1936789 | |
| Petr Matousek | 2021-05-13 10:11:24 UTC | Depends On | 1869536 | |
| Red Hat Bugzilla | 2021-05-30 12:03:57 UTC | CC | blc | |
| Red Hat Bugzilla | 2021-05-30 12:47:47 UTC | CC | bhu | |
| Jeff Fearn 🐞 | 2021-06-03 11:09:38 UTC | CC | blc | |
| Jeff Fearn 🐞 | 2021-06-03 11:55:14 UTC | CC | bhu | |
| errata-xmlrpc | 2021-06-23 18:06:07 UTC | Link ID | Red Hat Product Errata RHBA-2021:2538 | |
| errata-xmlrpc | 2021-06-24 11:51:18 UTC | Link ID | Red Hat Product Errata RHBA-2021:2541 | |
| Red Hat Bugzilla | 2021-09-15 05:46:23 UTC | CC | jglisse | |
| Red Hat Bugzilla | 2022-04-23 08:29:00 UTC | CC | esammons | |
| Red Hat Bugzilla | 2022-07-16 03:20:24 UTC | CC | brdeoliv | |
| Red Hat Bugzilla | 2022-12-31 23:34:44 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:39:45 UTC | CC | dhoward | |
| Red Hat Bugzilla | 2023-06-14 21:29:50 UTC | CC | mcressma | |
| Red Hat Bugzilla | 2023-07-07 08:34:05 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team | |||
| Wade Mealing | 2023-07-11 08:47:53 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-07-11 08:47:53 UTC |
Back to bug 1900933