Vulnerability CVE-2020-27152: Information

Description

An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-27152

Published: Nov. 6, 2020

Modified: Nov. 16, 2020

Error type identifier: CWE-835

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	5.9.4-alt1	6.8.8-alt1	ALT-PU-2020-3211-1	261044	Fixed
kernel-image-mp	p10	5.9.4-alt1	6.1.19-alt1	ALT-PU-2020-3211-1	261044	Fixed
kernel-image-mp	p9	5.9.16-alt1	5.12.16-alt1	ALT-PU-2020-3570-1	264232	Fixed
kernel-image-rpi-def	sisyphus	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-def	p10	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-def	p9	5.10.36-alt1	5.10.81-alt1	ALT-PU-2021-1866-1	272593	Fixed
kernel-image-rpi-un	sisyphus	5.10.2-alt1	6.6.23-alt1	ALT-PU-2020-3553-1	263808	Fixed
kernel-image-rpi-un	p10	5.10.2-alt1	6.1.77-alt1	ALT-PU-2020-3553-1	263808	Fixed
kernel-image-rpi-un	p9	5.10.7-alt1	5.12.17-alt1	ALT-PU-2021-1105-1	264968	Fixed
kernel-image-rt	sisyphus	5.10.35-alt1.rt39	6.1.90-alt2.rt30	ALT-PU-2021-1870-1	272532	Fixed
kernel-image-rt	p10	5.10.35-alt1.rt39	5.10.216-alt1.rt108	ALT-PU-2021-1870-1	272532	Fixed
kernel-image-std-def	sisyphus	5.10.28-alt1	6.1.91-alt1	ALT-PU-2021-1621-1	268839	Fixed
kernel-image-std-def	p10	5.10.28-alt1	5.10.216-alt1	ALT-PU-2021-1621-1	268839	Fixed
kernel-image-std-def	c9f2	5.10.32-alt0.c9f	5.10.214-alt0.c9f.2	ALT-PU-2021-1739-1	270353	Fixed
kernel-image-std-kvm	sisyphus	5.10.29-alt1	5.10.176-alt1	ALT-PU-2021-1656-1	269859	Fixed
kernel-image-std-kvm	p10	5.10.29-alt1	5.10.42-alt1	ALT-PU-2021-1656-1	269859	Fixed
kernel-image-un-def	sisyphus	5.9.3-alt1	6.6.31-alt1	ALT-PU-2020-3182-1	260792	Fixed
kernel-image-un-def	p10	5.9.3-alt1	6.1.85-alt1	ALT-PU-2020-3182-1	260792	Fixed
kernel-image-un-def	p9	5.10.7-alt1	5.10.216-alt2	ALT-PU-2021-1083-1	263714	Fixed
kernel-image-un-def	c10f1	5.9.3-alt1	6.1.85-alt0.c10f.1	ALT-PU-2020-3182-1	260792	Fixed
kernel-image-un-def	c9f2	5.10.7-alt1	5.10.29-alt2	ALT-PU-2021-1083-1	263714	Fixed
linux-tools	sisyphus_e2k	5.10-alt1.E2K.1	5.10-alt1.E2K.3	ALT-PU-2023-7771-1	-	Fixed
linux-tools	p10_e2k	5.10-alt1.E2K.1	5.10-alt1.E2K.1	ALT-PU-2023-8360-1	-	Fixed
usbip	sisyphus	5.10-alt1	5.10-alt1	ALT-PU-2023-1798-1	320453	Fixed
usbip	sisyphus_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7452-1	-	Fixed
usbip	p10	5.10-alt1	5.10-alt1	ALT-PU-2023-1903-1	320461	Fixed
usbip	p10_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7498-1	-	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://bugzilla.kernel.org/show_bug.cgi?id=208767	Exploit Issue Tracking Third Party Advisory
[oss-security] 20201103 CVE-2020-27152 Kernel: KVM: host stack overflow via loop due to lazy update IOAPIC	Mailing List Patch Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77377064c3a94911339f13ce113b3abf265e06da	Mailing List Patch Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2	Mailing List Release Notes Vendor Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  End excliding
  5.9.2

Version: v24.5.1

Vulnerability CVE-2020-27152: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1