CVE-2020-25211

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1cc5ef91d2ff94d2bf2de3b3585423e8a1051cb6

https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html

https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html

https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/BL2O4JAMPJG4YMLLJ7JFDHDJRXN4RKTC/

https://lists.fedoraproject.org/archives/list/[email protected]/message/OLDYVOM4OS55HA45Y3UEVLDHYGFXPZUX/

https://security.netapp.com/advisory/ntap-20201009-0001/

https://twitter.com/grsecurity/status/1303646421158109185

https://www.debian.org/security/2020/dsa-4774

Details

Source: MITRE

Published: 2020-09-09

Updated: 2020-11-02

Type: CWE-120

Risk Information

CVSS v2

Base Score: 3.6

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 6

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Impact Score: 5.2

Exploitability Score: 0.8

Severity: MEDIUM

Tenable Plugins

View all (49 total)

IDNameProductFamilySeverity
150536SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14630-1)NessusSuSE Local Security Checks
high
150422RHEL 7 : kernel (RHSA-2021:2355)NessusRed Hat Local Security Checks
high
150117RHEL 7 : kernel (RHSA-2021:2164)NessusRed Hat Local Security Checks
high
149444RHEL 7 : kernel (RHSA-2021:1531)NessusRed Hat Local Security Checks
high
147885CentOS 7 : kernel (CESA-2021:0856)NessusCentOS Local Security Checks
high
147861Oracle Linux 7 : kernel (ELSA-2021-0856)NessusOracle Linux Local Security Checks
high
147835RHEL 7 : kernel (RHSA-2021:0856)NessusRed Hat Local Security Checks
high
147827RHEL 7 : kernel-rt (RHSA-2021:0857)NessusRed Hat Local Security Checks
high
147512EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-1604)NessusHuawei Local Security Checks
high
147215RHEL 8 : kpatch-patch (RHSA-2021:0763)NessusRed Hat Local Security Checks
high
147212RHEL 8 : kernel-rt (RHSA-2021:0774)NessusRed Hat Local Security Checks
high
147207RHEL 8 : kernel (RHSA-2021:0765)NessusRed Hat Local Security Checks
high
146511SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0452-1)NessusSuSE Local Security Checks
high
146476SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0437-1)NessusSuSE Local Security Checks
high
146474SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1)NessusSuSE Local Security Checks
high
146470SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0434-1)NessusSuSE Local Security Checks
high
146406SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0427-1)NessusSuSE Local Security Checks
high
146366SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0354-1)NessusSuSE Local Security Checks
high
146359SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0353-1)NessusSuSE Local Security Checks
high
146293openSUSE Security Update : the Linux Kernel (openSUSE-2021-241)NessusSuSE Local Security Checks
high
145962CentOS 8 : kernel (CESA-2021:0003)NessusCentOS Local Security Checks
medium
145242RHEL 8 : kpatch-patch (RHSA-2021:0189)NessusRed Hat Local Security Checks
medium
145201EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-1079)NessusHuawei Local Security Checks
high
145074RHEL 8 : kernel (RHSA-2021:0184)NessusRed Hat Local Security Checks
low
144831EulerOS Virtualization 3.0.2.6 : kernel (EulerOS-SA-2021-1056)NessusHuawei Local Security Checks
critical
144711Oracle Linux 8 : kernel (ELSA-2021-0003)NessusOracle Linux Local Security Checks
medium
144706RHEL 8 : kernel (RHSA-2021:0003)NessusRed Hat Local Security Checks
medium
144705RHEL 8 : kernel-rt (RHSA-2021:0004)NessusRed Hat Local Security Checks
medium
143445Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4660-1)NessusUbuntu Local Security Checks
high
143433Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4657-1)NessusUbuntu Local Security Checks
high
143431Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4658-1)NessusUbuntu Local Security Checks
high
142978Amazon Linux AMI : kernel (ALAS-2020-1446)NessusAmazon Linux Local Security Checks
high
142722Amazon Linux 2 : kernel (ALAS-2020-1556)NessusAmazon Linux Local Security Checks
high
142576EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2020-2443)NessusHuawei Local Security Checks
high
142483Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5912)NessusOracle Linux Local Security Checks
high
142240EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-2353)NessusHuawei Local Security Checks
high
142176Debian DLA-2420-2 : linux regression updateNessusDebian Local Security Checks
high
142112EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-2303)NessusHuawei Local Security Checks
medium
142052Debian DLA-2417-1 : linux-4.19 security updateNessusDebian Local Security Checks
high
141789Slackware 14.2 : Slackware 14.2 kernel (SSA:2020-295-01)NessusSlackware Local Security Checks
high
141552Debian DSA-4774-1 : linux - security updateNessusDebian Local Security Checks
high
141106Amazon Linux 2 : kernel (ALAS-2020-1495)NessusAmazon Linux Local Security Checks
medium
141096Photon OS 1.0: Linux PHSA-2020-1.0-0328NessusPhotonOS Local Security Checks
medium
141090Photon OS 2.0: Linux PHSA-2020-2.0-0286NessusPhotonOS Local Security Checks
medium
140999EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-2151)NessusHuawei Local Security Checks
high
140785Photon OS 3.0: Linux PHSA-2020-3.0-0144NessusPhotonOS Local Security Checks
medium
140623Fedora 31 : kernel (2020-5920a7a0b2)NessusFedora Local Security Checks
medium
140620Fedora 32 : kernel (2020-3c6fedeb83)NessusFedora Local Security Checks
medium
140328EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2020-1958)NessusHuawei Local Security Checks
high