vulnerability

Oracle Linux: CVE-2020-27820: ELSA-2022-1988: kernel security, bug fix, and enhancement update (IMPORTANT)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:M/Au:N/C:N/I:N/A:C)	Nov 3, 2020	May 18, 2022	Dec 3, 2025

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:N/A:C)

Published

Nov 3, 2020

Added

May 18, 2022

Modified

Dec 3, 2025

Description

A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).

Solution

oracle-linux-upgrade-kernel

References

CVE-2020-27820
https://attackerkb.com/topics/CVE-2020-27820
ELSA-ELSA-2022-1988
CWE-416

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report