1. Home
  2. Vulnerabilities
  3. CVE-2020-14351

CVE-2020-14351

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 4.6 (Medium)
46% Progress
EPSS 0.09 % (40th)
0.09% Progress
Affected Products 3
Advisories 34
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2020-12-03 17:15:12
(3 years ago)
Updated Date
2021-11-04 17:05:42
(2 years ago)

Affected Products

Debian

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 5.8.17 version cpe:2.3:o:linux:linux_kernel < 5.8.17

Configuration #2

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0

Configuration #3

    CPE23 From Up To
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0