CVE-2020-14386

MEDIUM LAB

Linux Kernel < 4.9.239 - Out-of-Bounds Write

Title source: rule
STIX 2.1

Description

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Exploits (1)

nomisec WORKING POC 43 stars
by cgwalters · poc
https://github.com/cgwalters/cve-2020-14386

References (12)

Scores

CVSS v3 6.7
EPSS 0.0063
EPSS Percentile 70.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY
Community Lab
docker pull registry.svc.ci.openshift.org/coreos/cosa-buildroot

Details

CWE
CWE-250 CWE-787
Status published
Products (5)
debian/debian_linux 9.0
fedoraproject/fedora 33
linux/linux_kernel 5.9.0 rc1 (3 CPE variants)
linux/linux_kernel 4.6 - 4.9.239
opensuse/leap 15.1
Published Sep 16, 2020
Tracked Since Feb 18, 2026