Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-10711
HistoryMay 12, 2020 - 12:00 a.m.

CVE-2020-10711

2020-05-1200:00:00
ubuntu.com
ubuntu.com
23

0.008 Low

EPSS

Percentile

81.6%

A NULL pointer dereference flaw was found in the Linux kernel’s SELinux
subsystem in versions before 5.7. This flaw occurs while importing the
Commercial IP Security Option (CIPSO) protocol’s category bitmap into the
SELinux extensible bitmap via the’ ebitmap_netlbl_import’ routine. While
processing the CIPSO restricted bitmap tag in the ‘cipso_v4_parsetag_rbm’
routine, it sets the security attribute to indicate that the category
bitmap is present, even if it has not been allocated. This issue leads to a
NULL pointer dereference issue while importing the same category bitmap
into SELinux. This flaw allows a remote network user to crash the system
kernel, resulting in a denial of service.

Notes

Author Note
sbeattie SELinux is not the default MAC used in Ubuntu
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-109.110UNKNOWN
ubuntu19.10noarchlinux< 5.3.0-62.56UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-40.44UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-185.215UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1077.81UNKNOWN
ubuntu19.10noarchlinux-aws< 5.3.0-1030.32UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1018.18UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1074.78) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1110.121UNKNOWN
ubuntu18.04noarchlinux-aws-5.3< 5.3.0-1030.32~18.04.1UNKNOWN
Rows per page:
1-10 of 491