CVE-2020-14386

CVE	CVE-2020-14386
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2020-09-16 13:15:00 UTC
Updated	2023-11-07 03:17:00 UTC
Description	A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Problem Types: CWE-787

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	33	All	All	All
Operating System	Linux	Linux Kernel	All	All	All	All
Operating System	Linux	Linux Kernel	5.9.0	rc1	All	All
Operating System	Linux	Linux Kernel	5.9.0	rc2	All	All
Operating System	Linux	Linux Kernel	5.9.0	rc3	All	All
Operating System	Linux	Linux Kernel	All	All	All	All
Operating System	Linux	Linux Kernel	5.9.0	rc1	All	All
Operating System	Linux	Linux Kernel	5.9.0	rc2	All	All
Operating System	Linux	Linux Kernel	5.9.0	rc3	All	All
Operating System	Opensuse	Leap	15.1	All	All	All

Reference	Source	Link	Tags
[security-announce] openSUSE-SU-2020:1655-1: important: Security update	SUSE	lists.opensuse.org
[SECURITY] [DLA 2420-2] linux regression update	MLIST	lists.debian.org
kernel/git/torvalds/linux.git - Linux kernel source tree	MISC	git.kernel.org	Patch, Vendor Advisory
oss-security - Re: Containers-optimized OS (COS) membership in the linux-distros list	MLIST	www.openwall.com
oss-security - Re: Containers-optimized OS (COS) membership in the linux-distros list	MLIST	www.openwall.com
[SECURITY] [DLA 2385-1] linux-4.19 security update	MLIST	lists.debian.org
Kernel Live Patch Security Notice LSN-0072-1 ≈ Packet Storm	MISC	packetstormsecurity.com
oss-sec: CVE-2020-14386: Linux kernel: af_packet.c vulnerability	MISC	seclists.org	Mailing List, Third Party Advisory
1875699 – (CVE-2020-14386) CVE-2020-14386 kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege	CONFIRM	bugzilla.redhat.com	Issue Tracking, Third Party Advisory
oss-security - Containers-optimized OS (COS) membership in the linux-distros list	MLIST	www.openwall.com
[SECURITY] Fedora 33 Update: kernel-5.8.7-300.fc33 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 33 Update: kernel-5.8.7-300.fc33 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] [DLA 2420-1] linux security update	MLIST	lists.debian.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

352341 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2020-027
352342 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2020-026
352343 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2020-025
353100 Amazon Linux Security Advisory for kernel : ALAC2012-2021-024
353101 Amazon Linux Security Advisory for kmod-mlx5 : ALAC2012-2021-025
353102 Amazon Linux Security Advisory for kmod-sfc : ALAC2012-2021-026
353136 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-015
376992 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2020:0115)
6140338 AWS Bottlerocket Security Update for kernel (GHSA-53mq-2mw5-rjcr)
750376 OpenSUSE Security Update for RT kernel (openSUSE-SU-2021:0242-1)
900076 CBL-Mariner Linux Security Update for kernel 5.4.91
902891 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (3470)
905955 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (3470-1)