Lucene search

K
cve[email protected]CVE-2020-36516
HistoryFeb 26, 2022 - 4:15 a.m.

CVE-2020-36516

2022-02-2604:15:06
CWE-327
web.nvd.nist.gov
114
2
linux kernel
cve-2020-36516
ipid assignment
security vulnerability
nvd

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

32.4%

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victimโ€™s TCP session or terminate that session.

Affected configurations

NVD
Node
linuxlinux_kernelRangeโ‰ค5.6.11
Node
netappcloud_volumes_ontap_mediatorMatch-
OR
netappe-series_santricity_os_controllerRange11.0โ‰ฅ
OR
netappsolidfire\,_enterprise_sds_\&_hci_storage_nodeMatch-
OR
netappsolidfire_\&_hci_management_nodeMatch-
Node
netapph300sMatch-
AND
netapph300s_firmwareMatch-
Node
netapph500sMatch-
AND
netapph500s_firmwareMatch-
Node
netapph700sMatch-
AND
netapph700s_firmwareMatch-
Node
netapph300eMatch-
AND
netapph300e_firmwareMatch-
Node
netapph500eMatch-
AND
netapph500e_firmwareMatch-
Node
netapph700eMatch-
AND
netapph700e_firmwareMatch-
Node
netapph410sMatch-
AND
netapph410s_firmwareMatch-
Node
netapph410c_firmwareMatch-
AND
netapph410cMatch-
Node
netapph610c_firmwareMatch-
AND
netapph610cMatch-
Node
netapph615c_firmwareMatch-
AND
netapph615cMatch-
Node
netapph610s_firmwareMatch-
AND
netapph610sMatch-
Node
netappbootstrap_osMatch-
AND
netapphci_compute_nodeMatch-

Social References

More

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

32.4%