CVE-2020-14390
MEDIUMLinux Kernel < 5.9-rc6 - Out-of-bounds Write in Screen Size Change Handler
Title source: llmDescription
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
References (5)
Core 5
Core References
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1876788
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html
Scores
CVSS v3
5.6
EPSS
0.0034
EPSS Percentile
26.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
Details
CWE
CWE-787
Status
published
Products (3)
debian/debian_linux
9.0
linux/linux_kernel
5.9.0 (6 CPE variants)
linux/linux_kernel
2.2.3 - 5.9.0
Published
Sep 18, 2020
Tracked Since
Feb 18, 2026