kernel is vulnerable to remote code execution (RCE). The vulnerability exists through a buffer over-write in vgacon_scroll
.
access.redhat.com/errata/RHSA-2020:4286
access.redhat.com/errata/RHSA-2020:4289
access.redhat.com/errata/RHSA-2020:5023
access.redhat.com/errata/RHSA-2020:5026
access.redhat.com/security/cve/CVE-2020-14331
access.redhat.com/security/updates/classification/#important
access.redhat.com/security/vulnerabilities/BleedingTooth
bugzilla.redhat.com/show_bug.cgi?id=1858679
lists.debian.org/debian-lts-announce/2020/09/msg00025.html
lists.debian.org/debian-lts-announce/2020/10/msg00032.html
lists.debian.org/debian-lts-announce/2020/10/msg00034.html
lists.openwall.net/linux-kernel/2020/07/29/234
www.openwall.com/lists/oss-security/2020/07/28/2