The vulnerability of SELinux’s access control system in the Linux operating system allows a perpetrator to trigger a service failure.

🗓️ 02 Feb 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Enhanced Linux flaws allow remote attacker to trigger service failures via pointer arithmetic.

Reporter	Title	Published	Views	Family All 419
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel and Java affect IBM Spectrum Protect Plus	3 Mar 202121:46	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities	28 Oct 202017:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability	19 Oct 202017:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in kernel.	7 Jul 202210:52	–	ibm
IBM Security Bulletins	Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management	10 Aug 202015:57	–	ibm
Tenable Nessus	Amazon Linux 2 : kernel (ALAS-2020-1425)	13 May 202000:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-011)	2 May 202200:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2020-1366)	15 May 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2020-1382)	20 Jul 202000:00	–	nessus
Tenable Nessus	CentOS 8 : kernel (CESA-2020:2102)	1 Feb 202100:00	–	nessus

Vulners

Node

red_hat openshift_container_platformMatch4.3linux

OR

red_hat openshift_container_platformMatch4.4linux

OR

red_hat openshift_container_platformMatch4.5linux

OR

red_hat openshift_container_platformMatch4.6linux

OR

red_hat red_hat_enterprise_linuxMatch7.0

OR

red_hat red_hat_enterprise_linuxMatch8.0

OR

red_hat red_hat_enterprise_linuxMatch8

OR

novell opensuse_leapMatch15.1

OR

canonical ubuntuMatch19.10

OR

novell suse_linux_enterprise_serverMatch15-ltss

OR

novell opensuse_leapMatch15.2

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
lists	www.lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
access	www.access.redhat.com/security/cve/cve-2020-10711
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.181
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.124
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.224
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.224
kernel	www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.42

31 May 2024 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 35.9

CVSS 27.1

EPSS0.03097

Security Enhanced Linux access control flaw remote attacker pointer arithmetic service failures