CVE-2020-13974

Updated: 2024-11-23 04:42:54.070607

Description:

An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.2
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Already Fixed 2024-05-31 10:03:30
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Already Fixed 2024-05-31 10:03:31
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2024:1726655093 2024-09-26 12:50:46
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2024:1720468480 2024-07-23 17:19:21
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2022:1655822512 2022-06-21 11:47:50
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2022:1655821334 2022-06-21 11:47:51
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Already Fixed 2024-06-09 14:20:01
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Ignored 2025-01-10 22:44:09
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Ignored 2025-01-10 22:43:42
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2024:1726609578 2024-09-17 22:49:22