7.2
CVSSv2

CVE-2020-14386

Published: 16/09/2020 Updated: 22/09/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A flaw was found in the Linux kernel prior to 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Vulnerability Trend

Vendor Advisories

A local attacker with CAP_NET_RAW privileges can escalate privileges via a memory corruption in net/packet/af_packetc ...

Mailing Lists

Hello, here are some words on whether related issues to CVE-2020-14386 could exist in similar software There are of course forks of Linux which get updates slower or not at all The Android mainline branch at least has the fix already In case of µClinux I found trees that are kept on old versions with no plans to update to newer major versions ...
Hi, This is an announcement of CVE-2020-14386 I also reported the issue netdev () vger kernel org and I'm waiting for approval of my proposed patch The report is as follows: ( a proposed patch and a reproducer are attached) I discovered a bug which leads to a memory corruption in (net/packet/af_packetc) It can be exploited to gain root privi ...