CVE-2020-14386 - log

CVE-2020-14386 edited at 02 Oct 2020 11:46:37
Notes
Mitigation: If unprivileged user namespaces are not needed, set the kernel.unprivileged_userns_clone sysctl to 0:
$ sudo sysctl kernel.unprivileged_userns_clone=0
- This prevents straight forward exploitation, however the vulnerability can still be triggered by an attacker by gaining code execution to an unprivileged processes that has the CAP_NET_RAW capability set.
+ This prevents straight forward exploitation, however the vulnerability can still be triggered by an attacker by gaining code execution to an unprivileged processes that has the CAP_NET_RAW capability set and the system does not restrict the capability.
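Review bot: the clause appended at the end of the + line, "and the system does not restrict the capability", is ambiguous because it is joined to the description of the process, so a reader cannot tell whether it is a second condition for exploitation or a property of the process. Suggest splitting it into its own sentence, for example: "The vulnerability can still be triggered if an attacker gains code execution in an unprivileged process that has CAP_NET_RAW set, unless the system restricts that capability."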
CVE-2020-14386 edited at 02 Oct 2020 11:43:55
Description
- A local attacker with CAP_NET_RAW privileges can escalate privileges via a memory corruption in net/packet/af_packet.c.
+ A memory corruption flaw was found in the Linux kernel before 5.9-rc4 in net/packet/af_packet.c. A local attacker with CAP_NET_RAW privileges can exploit this vulnerability to gain root privileges from unprivileged processes.
References
https://www.openwall.com/lists/oss-security/2020/09/03/3
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
Notes
Mitigation: If unprivileged user namespaces are not needed, set the kernel.unprivileged_userns_clone sysctl to 0:
$ sudo sysctl kernel.unprivileged_userns_clone=0
+
+ This prevents straight forward exploitation, however the vulnerability can still be triggered by an attacker by gaining code execution to an unprivileged processes that has the CAP_NET_RAW capability set.
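Review bot: the sentence added to Notes has three wording slips: "straight forward" should be "straightforward", "an unprivileged processes" mixes singular and plural, and "gaining code execution to" should read "gaining code execution in". It also states that the sysctl only blocks the straightforward path without pointing the reader to the actual fix. Since this same edit adds the fixing commit to References and "before 5.9-rc4" to the Description, a short pointer from Notes to updating the kernel would make clear that the sysctl is a stopgap.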
CVE-2020-14386 edited at 02 Oct 2020 11:07:35
Severity
- Medium
+ High
CVE-2020-14386 edited at 07 Sep 2020 20:37:44
Notes
+ Mitigation: If unprivileged user namespaces are not needed, set the kernel.unprivileged_userns_clone sysctl to 0:
+
+ $ sudo sysctl kernel.unprivileged_userns_clone=0
CVE-2020-14386 edited at 07 Sep 2020 20:36:32
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Privilege escalation
Description
+ A local attacker with CAP_NET_RAW privileges can escalate privileges via a memory corruption in net/packet/af_packet.c.
References
+ https://www.openwall.com/lists/oss-security/2020/09/03/3
Notes
CVE-2020-14386 created at 07 Sep 2020 20:35:17