PT-2020-3944 · Linux+5 · Linux Kernel+5
Minh Yuan · Published 2020-09-14 · Updated 2026-04-21
CVE-2020-14390
CVSS v3.1: 5.6 (Medium)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 5.9-rc6
Description:
A flaw in the Linux kernel can cause an out-of-bounds memory write when changing screen size, leading to memory corruption or a denial of service. The primary threat of this issue is system availability. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. The vulnerability is related to the fbcon redraw softback function and involves a buffer overflow, which can be exploited to cause a denial of service.
Recommendations:
For Linux kernel versions prior to 5.9-rc6, update to version 5.9-rc6 or later to resolve the issue. As a temporary workaround, consider restricting screen size changes to minimize the risk of exploitation.
Exploit
Fix
DoS
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu