How severe is CVE-2024-27220?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2024-27220?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2024-27220

HIGH Year: 2024

CVSS v3 Score

8.4

High

Weakness Type

CWE-125

View all →

Vulnerability Description

In lpm_req_handler of , there is a possible out of bounds memory access due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-1999-0029

HIGH

CVSS:8.4(High)

root privileges via buffer overflow in ordist command on SGI IRIX systems.

CWE-1251999

CVE-2016-20022

HIGH

CVSS:8.4(High)

In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products tha...

CWE-1252016

CVE-2017-6295

HIGH

CVSS:8.4(High)

NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial o...

CWE-1252017

CVE-2020-3960

HIGH

CVSS:8.4(High)

VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe...

CWE-1252020