CVE-2020-14331
Published: 15 September 2020
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Priority
Negligible
CVSS 3 base score: 6.6
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Ignored
(was not-affected [config not enabled])
|
|
| trusty |
Ignored
(was not-affected [config not enabled])
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Ignored
(was not-affected [config not enabled])
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was not-affected [config not enabled])
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Ignored
(was not-affected [config not enabled])
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was not-affected [config not enabled])
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.3.0-1008.9~18.04.1)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| precise |
Ignored
(was not-affected [config not enabled])
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Ignored
(was not-affected [config not enabled])
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.3.0-1011.12~18.04.1)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(config not enabled)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(config not enabled)
|
| focal |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.9~rc1)
|
|
| xenial |
Not vulnerable
(config not enabled)
|
Notes
| Author | Note |
|---|---|
| amurray | CONFIG_VGACON_SOFT_SCROLLBACK is required to be enabled for this to be exploitable. This config option is disabled in Ubuntu kernel configs. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14331
- https://www.openwall.com/lists/oss-security/2020/07/28/2
- NVD
- Launchpad
- Debian