Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:N7.1/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N