{ "threat_severity" : "Moderate", "public_date" : "2020-07-28T00:00:00Z", "bugzilla" : { "description" : "kernel: kernel: buffer over write in vgacon_scroll", "id" : "1858679", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1858679" }, "cvss3" : { "cvss3_base_score" : "6.6", "cvss3_scoring_vector" : "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-787", "details" : [ "A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability." ], "statement" : "This flaw is rated as a having Moderate impact, because only local user with access to VGA console can trigger it (for example if booting with param \"nomodeset\").", "acknowledgement" : "Red Hat would like to thank Yunhai Zhang (NSFOCUS Security Team) for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-11-10T00:00:00Z", "advisory" : "RHSA-2020:5026", "cpe" : "cpe:/a:redhat:rhel_extras_rt:7", "package" : "kernel-rt-0:3.10.0-1160.6.1.rt56.1139.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-11-10T00:00:00Z", "advisory" : "RHSA-2020:5023", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "kernel-0:3.10.0-1160.6.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-10-20T00:00:00Z", "advisory" : "RHSA-2020:4289", "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv", "package" : "kernel-rt-0:4.18.0-193.28.1.rt13.77.el8_2" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-10-20T00:00:00Z", "advisory" : "RHSA-2020:4286", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-193.28.1.el8_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "kernel-alt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise MRG 2", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/a:redhat:enterprise_mrg:2" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-14331\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-14331" ], "name" : "CVE-2020-14331", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }