6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
kernel is vulnerable to remote code execution (RCE). The vulnerability exists through a buffer over-write in vgacon_scroll
.
access.redhat.com/errata/RHSA-2020:4286
access.redhat.com/errata/RHSA-2020:4289
access.redhat.com/errata/RHSA-2020:5023
access.redhat.com/errata/RHSA-2020:5026
access.redhat.com/security/cve/CVE-2020-14331
access.redhat.com/security/updates/classification/#important
access.redhat.com/security/vulnerabilities/BleedingTooth
bugzilla.redhat.com/show_bug.cgi?id=1858679
lists.debian.org/debian-lts-announce/2020/09/msg00025.html
lists.debian.org/debian-lts-announce/2020/10/msg00032.html
lists.debian.org/debian-lts-announce/2020/10/msg00034.html
lists.openwall.net/linux-kernel/2020/07/29/234
www.openwall.com/lists/oss-security/2020/07/28/2
6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C