cbcvebase.
CVE-2020-14386
published 2020-09-16

CVE-2020-14386: A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat…

PriorityP344high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
1.32%
67.3th percentile
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Affected

21 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debianlinux< linux 5.8.7-1 (bookworm)linux 5.8.7-1 (bookworm)
fedoraprojectfedora
linuxlinux_kernel
linuxlinux_kernel>= 0 < 5.8.7-15.8.7-1
linuxlinux_kernel>= 0 < 5.8.7-15.8.7-1
linuxlinux_kernel>= 0 < 5.8.7-15.8.7-1
linuxlinux_kernel>= 0 < 5.8.7-15.8.7-1
linuxlinux_kernel>= 0 < 4.4.0-193.2244.4.0-193.224
linuxlinux_kernel>= 0 < 4.15.0-117.1184.15.0-117.118
linuxlinux_kernel>= 0 < 4.15.0-121.1234.15.0-121.123
linuxlinux_kernel>= 0 < 5.4.0-51.565.4.0-51.56
linuxlinux_kernel>= 4.10 < 4.14.2014.14.201
linuxlinux_kernel>= 4.15 < 4.19.1504.19.150
linuxlinux_kernel>= 4.20 < 5.4.645.4.64
linuxlinux_kernel>= 4.6 < 4.9.2394.9.239
linuxlinux_kernel>= 5.5 < 5.8.85.8.8
linux_kernelkernel
msrccm1_kernel_5.4.91-3_on_cbl_mariner_1.0
opensuseleap
paloaltocortex_xsoar

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_msrc7.8HIGH
vendor_debian6.7MEDIUM
vendor_redhat6.7MEDIUM
vendor_ubuntu6.7MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.