CVE-2020-14386

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Summary:

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Reference Links(if available):

  • https://seclists.org/oss-sec/2020/q3/146
  • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386
  • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/RNCPXERMUHPSGF6S2VVFL5NVVPBBFB63/
  • https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
  • CVSS Score (if available)

    v2: / MEDIUMAV:L/AC:L/Au:N/C:C/I:C/A:C

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    Links to Exploits(if available)