A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

🗓️ 09 Dec 2020 00:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 2 Views

Linux kernel futex flaw enables local privilege escalation on unmounting, risking confidentiality.

Reporter	Title	Published	Views	Family All 259
ATTACKERKB	CVE-2020-14381	3 Dec 202017:15	–	attackerkb
Tenable Nessus	AlmaLinux 8 : kernel (ALSA-2020:4431)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : kernel (CESA-2020:4431)	1 Feb 202100:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1386)	10 Mar 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2502)	27 Sep 202100:00	–	nessus
Tenable Nessus	MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)	20 Jan 202600:00	–	nessus
Tenable Nessus	NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2022-0073)	9 May 202200:00	–	nessus
Tenable Nessus	NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2022-0089)	15 Nov 202200:00	–	nessus
Tenable Nessus	NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0060)	27 Dec 202300:00	–	nessus
Tenable Nessus	NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0061)	27 Dec 202300:00	–	nessus

Vulners

Node

microsoft cm1_kernel_5.4.91-1Range<5.4.91-1

09 Dec 2020 00:00Current

8.3High risk

Vulners AI Score8.3

CVSS 24.6

CVSS 3.17.8

EPSS0.0064

SSVC

linux kernel futex flaw privilege escalation unmounting filesystems memory corruption confidentiality integrity