PT-2020-6839 · Linux+4 · Linux Kernel+4

Yunhai Zhang

·

Published

2020-07-28

·

Updated

2024-06-15

·

CVE-2020-14331

CVSS v2.0

7.2

High

VectorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the Linux kernel's video driver, specifically the vgacon scrollback cur() function, which is vulnerable to an out-of-bounds write. This can be exploited by a local attacker when resizing the console, potentially leading to a system crash and possibly escalating privileges. The main concerns are data confidentiality, integrity, and system availability.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2020-2659
ALT-PU-2020-2660
ALT-PU-2020-2688
ALT-PU-2020-2695
ALT-PU-2020-2710
ALT-PU-2020-2716
ALT-PU-2020-2726
ALT-PU-2020-2732
ALT-PU-2020-2770
ALT-PU-2020-3057
ALT-PU-2020-3210
ALT-PU-2021-1083
ALT-PU-2021-1105
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1745
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2023-00700
CESA-2020_4286
CESA-2020_4289
CESA-2020_5023
CVE-2020-14331
DLA-2385-1
DLA-2420-1
DLA-2420-2
OPENSUSE-SU-2020:1153-1
OPENSUSE-SU-2020:1236-1
OPENSUSE-SU-2020:1325-1
OPENSUSE-SU-2020_1153-1
OPENSUSE-SU-2020_1236-1
OPENSUSE-SU-2020_1325-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2020:4286
RHSA-2020:4289
RHSA-2020:5023
RHSA-2020:5026
RHSA-2020_4286
RHSA-2020_4289
RHSA-2020_5023
RHSA-2020_5026
SUSE-SU-2020:2102-1
SUSE-SU-2020:2119-1
SUSE-SU-2020:2122-1
SUSE-SU-2020:2486-1
SUSE-SU-2020:2491-1
SUSE-SU-2020:2492-1
SUSE-SU-2020:2497-1
SUSE-SU-2020:2498-1
SUSE-SU-2020:2499-1
SUSE-SU-2020:2502-1
SUSE-SU-2020:2505-1
SUSE-SU-2020:2506-1
SUSE-SU-2020:2507-1
SUSE-SU-2020:2508-1
SUSE-SU-2020:2509-1
SUSE-SU-2020:2513-1
SUSE-SU-2020:2515-1
SUSE-SU-2020:2517-1
SUSE-SU-2020:2524-1
SUSE-SU-2020:2525-1
SUSE-SU-2020:2526-1
SUSE-SU-2020:2531-1
SUSE-SU-2020:2534-1
SUSE-SU-2020:2537-1
SUSE-SU-2020:2540-1
SUSE-SU-2020:2541-1
SUSE-SU-2020:2574-1
SUSE-SU-2020:2575-1
SUSE-SU-2020:2576-1
SUSE-SU-2020:2582-1
SUSE-SU-2020:2605-1
SUSE-SU-2020:2610-1
SUSE-SU-2020:2623-1
SUSE-SU-2020:2631-1
SUSE-SU-2020_2515-1
SUSE-SU-2020_2517-1
SUSE-SU-2020_2534-1
SUSE-SU-2020_2537-1
SUSE-SU-2021:14630-1
SUSE-SU-2021_14630-1

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse