The Linux kernel for powerpc has an issue with the Run-Time Abstraction Services (RTAS) interface, allowing root (or CAP_SYS_ADMIN users) in a VM to overwrite some parts of memory, including kernel memory. References: https://www.openwall.com/lists/oss-security/2020/10/09/1 https://www.openwall.com/lists/oss-security/2020/11/23/2 Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=bd59380c5ba4147dcbaad3e582b55ccfd120b764
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1900845]
This was fixed for Fedora with the 5.9 stable kernel rebases.
Statement: This issue is rated as having Moderate impact due to the required privileges and hardware dependencies.
External References: https://www.openwall.com/lists/oss-security/2020/10/09/1 https://www.openwall.com/lists/oss-security/2020/11/23/2 https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=bd59380c5ba4147dcbaad3e582b55ccfd120b764
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Acknowledgments: Name: Daniel Axtens (IBM)
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:3327 https://access.redhat.com/errata/RHSA-2021:3327
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27777
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4356 https://access.redhat.com/errata/RHSA-2021:4356