5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
77.7%
A NULL pointer dereference flaw was found in the Linux kernel’s SELinux
subsystem in versions before 5.7. This flaw occurs while importing the
Commercial IP Security Option (CIPSO) protocol’s category bitmap into the
SELinux extensible bitmap via the’ ebitmap_netlbl_import’ routine. While
processing the CIPSO restricted bitmap tag in the ‘cipso_v4_parsetag_rbm’
routine, it sets the security attribute to indicate that the category
bitmap is present, even if it has not been allocated. This issue leads to a
NULL pointer dereference issue while importing the same category bitmap
into SELinux. This flaw allows a remote network user to crash the system
kernel, resulting in a denial of service.
Author | Note |
---|---|
sbeattie | SELinux is not the default MAC used in Ubuntu |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux-hwe-5.4 | < 5.4.0-40.44~18.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-oem-5.6 | < 5.6.0-1011.11 | UNKNOWN |
ubuntu | 18.04 | noarch | linux | < 4.15.0-109.110 | UNKNOWN |
ubuntu | 19.10 | noarch | linux | < 5.3.0-62.56 | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-40.44 | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < 4.4.0-185.215 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1077.81 | UNKNOWN |
ubuntu | 19.10 | noarch | linux-aws | < 5.3.0-1030.32 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-aws | < 4.4.0-1074.78) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws | < 4.4.0-1110.121 | UNKNOWN |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10711
launchpad.net/bugs/cve/CVE-2020-10711
lore.kernel.org/netdev/07d99ae197bfdb2964931201db67b6cd0b38db5b.1589276729.git.pabeni@redhat.com/T/#u
nvd.nist.gov/vuln/detail/CVE-2020-10711
security-tracker.debian.org/tracker/CVE-2020-10711
ubuntu.com/security/notices/USN-4411-1
ubuntu.com/security/notices/USN-4412-1
ubuntu.com/security/notices/USN-4413-1
ubuntu.com/security/notices/USN-4414-1
ubuntu.com/security/notices/USN-4419-1
www.openwall.com/lists/oss-security/2020/05/12/2
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
77.7%