CVE-2020-14386

Published: 16/09/2020 Updated: 07/11/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 642

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

A flaw was found in the Linux kernel prior to 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 5.9.0
linux linux kernel
debian debian linux 9.0
fedoraproject fedora 33
opensuse leap 15.1

Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...

Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...

Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

An issue has been reported in the Linux kernel's handling of raw sockets This issue can be used locally to cause denial of service or local privilege escalation from unprivileged processes or from containers with the CAP_NET_RAW capability enabled See Also: marcinfo/?l=linux-netdev&m=159915549623724&w=2wwwopenwallcom/li ...

In binder_release_work of binderc, there is a possible use-after-free due to improper locking This could lead to local escalation of privilege in the kernel with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A (<a href=http ...

A local attacker with CAP_NET_RAW privileges can escalate privileges via a memory corruption in net/packet/af_packetc ...

A flaw was found in the Linux kernel Memory corruption can be exploited to gain root privileges from unprivileged processes The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-14386) ...

Hi, This is an announcement of CVE-2020-14386 I also reported the issue netdev () vger kernel org and I'm waiting for approval of my proposed patch The report is as follows: ( a proposed patch and a reproducer are attached) I discovered a bug which leads to a memory corruption in (net/packet/af_packetc) It can be exploited to gain root privi ...

Hello, I’d like to propose Container-Optimized OS (COS) for membership in linux-distros Text below addresses items listed in the “Membership criteria” section of oss-securityopenwallorg/wiki/mailing-lists/distros Container-Optimized OS (COS) s a Chromium OS based server operating system Google distributes COS as a pre-built c ...

Solar Designer (solar () openwall com) wrote: Sorry, I wasn't aware about the problem with @googlecom Replying from the email address I use for my OSS communications (supposedly has DKIM and SPF configured) If this one is OK, I'll use it instead I think we can help with the following tasks: Help ensure that each message posted to oss-sec ...

Hello, here are some words on whether related issues to CVE-2020-14386 could exist in similar software There are of course forks of Linux which get updates slower or not at all The Android mainline branch at least has the fix already In case of µClinux I found trees that are kept on old versions with no plans to update to newer major versions ...

Hello Oleksandr, You posted this from @googlecom, which probably means many subscribers didn't receive the message because of that domain's strict DMARC policy So I fully quote your message below for others to possibly comment BTW, you will similarly need to be posting from another domain (eg, gmailcom) to the linux-distros list Overall, ...

On Thu, Sep 03, 2020 at 08:16:15PM +0300, Or Cohen wrote: In the proposed patch you have: Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt") That commit was in July 2008 While this is technically correct, it can be misleading, so I am posting the below clarification/excerpt from the discussion on linux-distros: On Wed, Sep 02, 2020 ...

A daily digest of the articles or videos I've found interesting, that I want to share with you.

Almost every single day I TLDR! Here, I list all the articles, blog posts, pages I've read, or videos I've watched, that I found interesting It's like a huge shared bookmarks registry with y'all! Or it's like a daily newsletter without newsletter Use Ctrl+F and find what you want Fun fact: Github only displays the readme until ~5000 lines I'm r

Reproducer for CVE-2020-14386 Pre-built container: registrysvcciopenshiftorg/coreos/cve-2020-14386 You probably want to test against an explicit node, like this: apiVersion: v1 kind: Pod metadata: name: cve-2020-14386 spec: restartPolicy: Never nodeName: <yournode> containers: - name: cve-2020-14386 image: registrysvcciopenshiftorg/coreos/cve

CVE type CVE-2020-14386 linux Network CVE-2020-27194 linux eBPF CVE-2020-8835 linux eBPF

CWE-787 https://seclists.org/oss-sec/2020/q3/146 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14386 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html http://www.openwall.com/lists/oss-security/2021/09/17/2 http://www.openwall.com/lists/oss-security/2021/09/17/4 http://www.openwall.com/lists/oss-security/2021/09/21/1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNCPXERMUHPSGF6S2VVFL5NVVPBBFB63/https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:4331 https://github.com/sderosiaux/every-single-day-i-tldr https://alas.aws.amazon.com/ALAS-2020-1430.html

Get Started

CVE-2020-14386

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect