Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-14390

Опубликовано: 15 сент. 2020
Источник: redhat
CVSS3: 5.7
EPSS Низкий

Описание

A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

A flaw was found in the Linux kernel. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

Отчет

Due to this flaw requiring a local user to trigger by using frame buffer fbcon, the impact has been rated as Low.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelAffected
Red Hat Enterprise Linux 7kernel-altFix deferred
Red Hat Enterprise Linux 7kernel-rtFix deferred
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise MRG 2kernelOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1876788kernel: out-of-bounds write in fbcon_redraw_softback

EPSS

Процентиль: 6%
0.00026
Низкий

5.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-14390

CVSS3: 5.6
ubuntu
почти 5 лет назад

A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

nvd логотип

CVE-2020-14390

CVSS3: 5.6
nvd
почти 5 лет назад

A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

msrc логотип

CVE-2020-14390

CVSS3: 5.6
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-14390

CVSS3: 5.6
debian
почти 5 лет назад

A flaw was found in the Linux kernel in versions before 5.9-rc6. When ...

github логотип

GHSA-h8pg-xg8h-5pgp

github
около 3 лет назад

A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. This highest threat from this vulnerability is to system availability.

EPSS

Процентиль: 6%
0.00026
Низкий

5.7 Medium

CVSS3