A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

Affected Software

CPE Name Name Version
linux:linux_kernel linux linux kernel 5.7
redhat:3scale redhat 3scale 2.0
redhat:openstack redhat openstack 13
redhat:virtualization_host redhat virtualization host 4.0
redhat:enterprise_linux redhat enterprise linux 6.0
redhat:enterprise_linux redhat enterprise linux 7.0
redhat:enterprise_linux redhat enterprise linux 8.0
redhat:enterprise_linux_aus redhat enterprise linux aus 7.4
redhat:enterprise_linux_server_tus redhat enterprise linux server tus 7.4
redhat:messaging_realtime_grid redhat messaging realtime grid 2.0
debian:debian_linux debian debian linux 8.0
debian:debian_linux debian debian linux 9.0
debian:debian_linux debian debian linux 10.0
opensuse:leap opensuse leap 15.1
opensuse:leap opensuse leap 15.2
canonical:ubuntu_linux canonical ubuntu linux 14.04
canonical:ubuntu_linux canonical ubuntu linux 16.04
canonical:ubuntu_linux canonical ubuntu linux 18.04
canonical:ubuntu_linux canonical ubuntu linux 19.10
canonical:ubuntu_linux canonical ubuntu linux 20.04