RTAS Memory Access Vulnerability in PowerVM and KVM Hypervisors

RTAS Memory Access Vulnerability in PowerVM and KVM Hypervisors

CVE-2020-27777 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

Learn more about our User Device Pen Test.