cbcvebase.
CVE-2020-14304
published 2020-09-15

CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user…

PriorityP418medium4.4CVSS 3.1
AVLACLPRHUINSUCHINAN
EPSS
0.36%
27.7th percentile
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

Affected

7 ranges
VendorProductVersion rangeFixed in
debianlinux
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linux_kernelkernel
linux_kernelkernel
linux_kernelkernel

CVSS provenance

nvdv3.14.4MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv4.4MEDIUM
vendor_debian4.4MEDIUM
vendor_redhat4.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.