CVE-2020-14386 - log back

CVE-2020-14386 edited at 07 Sep 2020 20:37:44
Notes
+ Mitigation: If unprivileged user namespaces are not needed, set the kernel.unprivileged_userns_clone sysctl to 0:
+
+ $ sudo sysctl kernel.unprivileged_userns_clone=0
CVE-2020-14386 edited at 07 Sep 2020 20:36:32
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Privilege escalation
Description
+ A local attacker with CAP_NET_RAW privileges can escalate privileges via a memory corruption in net/packet/af_packet.c.
References
+ https://www.openwall.com/lists/oss-security/2020/09/03/3
Notes
CVE-2020-14386 created at 07 Sep 2020 20:35:17