Main Vulnerability Database Exploits ID:9470 - Exploit for Improper Authorization in Linux kernel - CVE-2020-15780

ID:9470 - Exploit for Improper Authorization in Linux kernel - CVE-2020-15780

Published: December 28, 2023

Vulnerability identifier: #VU31922

Vulnerability risk: Low

CVE-ID: CVE-2020-15780

CWE-ID: CWE-285

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/Annavid/CVE-2020-15780-exploit

Vulnerability description

The vulnerability allows a local user to bypass authorization checks.

The vulnerability exists due to improper authorization in "in drivers/acpi/acpi_configfs.c". A local administrator can inject malicious ACPI tables via configfs to bypass lockdown and secure boot restrictions.

Remediation

Install updates from vendor's website.

ID:9470 - Exploit for Improper Authorization in Linux kernel - CVE-2020-15780

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human