CVE-2020-25645

high

Description

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two GENEVE endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel, allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.

References

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00035.html

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html

http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html

https://bugzilla.redhat.com/show_bug.cgi?id=1883988

https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html

https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html

https://security.netapp.com/advisory/ntap-20201103-0004/

https://www.debian.org/security/2020/dsa-4774

Details

Source: MITRE

Published: 2020-10-13

Updated: 2021-03-26

Type: CWE-319

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

View all (44 total)

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 151419 | EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2021-2140) | Nessus | Huawei Local Security Checks | high |
| 148494 | Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4912-1) | Nessus | Ubuntu Local Security Checks | high |
| 148386 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1074-1) | Nessus | SuSE Local Security Checks | high |
| 147885 | CentOS 7 : kernel (CESA-2021:0856) | Nessus | CentOS Local Security Checks | high |
| 147875 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0835-1) | Nessus | SuSE Local Security Checks | high |
| 147861 | Oracle Linux 7 : kernel (ELSA-2021-0856) | Nessus | Oracle Linux Local Security Checks | high |
| 147835 | RHEL 7 : kernel (RHSA-2021:0856) | Nessus | Red Hat Local Security Checks | high |
| 147827 | RHEL 7 : kernel-rt (RHSA-2021:0857) | Nessus | Red Hat Local Security Checks | high |
| 147690 | EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2021-1642) | Nessus | Huawei Local Security Checks | high |
| 147559 | EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2021-1454) | Nessus | Huawei Local Security Checks | high |
| 147512 | EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-1604) | Nessus | Huawei Local Security Checks | high |
| 146282 | openSUSE Security Update : RT kernel (openSUSE-2021-242) | Nessus | SuSE Local Security Checks | high |
| 146181 | EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-1200) | Nessus | Huawei Local Security Checks | high |
| 145201 | EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-1079) | Nessus | Huawei Local Security Checks | high |
| 144731 | EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1039) | Nessus | Huawei Local Security Checks | high |
| 144494 | Debian DLA-2494-1 : linux security update | Nessus | Debian Local Security Checks | high |
| 143875 | SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3532-1) | Nessus | SuSE Local Security Checks | high |
| 143857 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3544-1) | Nessus | SuSE Local Security Checks | high |
| 143845 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2980-1) | Nessus | SuSE Local Security Checks | high |
| 143784 | SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3014-1) | Nessus | SuSE Local Security Checks | high |
| 143773 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3281-1) | Nessus | SuSE Local Security Checks | high |
| 143710 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3433-1) | Nessus | SuSE Local Security Checks | high |
| 143694 | SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3230-1) | Nessus | SuSE Local Security Checks | high |
| 143692 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3648-1) | Nessus | SuSE Local Security Checks | high |
| 143673 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2981-1) | Nessus | SuSE Local Security Checks | high |
| 143666 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3656-1) | Nessus | SuSE Local Security Checks | high |
| 143654 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3501-1) | Nessus | SuSE Local Security Checks | high |
| 143639 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3503-1) | Nessus | SuSE Local Security Checks | high |
| 143615 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2972-1) | Nessus | SuSE Local Security Checks | high |
| 143445 | Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4660-1) | Nessus | Ubuntu Local Security Checks | high |
| 143433 | Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4657-1) | Nessus | Ubuntu Local Security Checks | high |
| 143431 | Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4658-1) | Nessus | Ubuntu Local Security Checks | high |
| 143398 | openSUSE Security Update : the Linux Kernel (openSUSE-2020-2112) | Nessus | SuSE Local Security Checks | high |
| 143065 | Photon OS 1.0: Linux PHSA-2020-1.0-0338 | Nessus | PhotonOS Local Security Checks | high |
| 142986 | Photon OS 2.0: Linux PHSA-2020-2.0-0295 | Nessus | PhotonOS Local Security Checks | high |
| 142331 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2020-2411) | Nessus | Huawei Local Security Checks | high |
| 142260 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2020-2429) | Nessus | Huawei Local Security Checks | high |
| 142148 | EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-2311) | Nessus | Huawei Local Security Checks | high |
| 142052 | Debian DLA-2417-1 : linux-4.19 security update | Nessus | Debian Local Security Checks | high |
| 141973 | Amazon Linux 2 : kernel (ALAS-2020-1520) | Nessus | Amazon Linux Local Security Checks | high |
| 141961 | Amazon Linux AMI : kernel (ALAS-2020-1437) | Nessus | Amazon Linux Local Security Checks | high |
| 141559 | openSUSE Security Update : the Linux Kernel (openSUSE-2020-1698) | Nessus | SuSE Local Security Checks | high |
| 141552 | Debian DSA-4774-1 : linux - security update | Nessus | Debian Local Security Checks | high |
| 141514 | openSUSE Security Update : the Linux Kernel (openSUSE-2020-1682) | Nessus | SuSE Local Security Checks | high |