QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2020-10711

Back to search

CVE-2020-10711

Published: May 22, 2020

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.1

5.9

MEDIUM

Description

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

VendorProductVersions

Red Hat

Kernel

affected
all kernel versions before 5.7

Weaknesses (CWE)

CWE-476

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

DSA-4698
vendor-advisory
x_refsource_DEBIAN
DSA-4699
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2020:0801
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2020:0935
vendor-advisory
x_refsource_SUSE
USN-4413-1
vendor-advisory
x_refsource_UBUNTU
USN-4411-1
vendor-advisory
x_refsource_UBUNTU
USN-4412-1
vendor-advisory
x_refsource_UBUNTU
USN-4419-1
vendor-advisory
x_refsource_UBUNTU
USN-4414-1
vendor-advisory
x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now