CVE-2020-10711

Current Description

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

Basic Data

PublishedMay 22, 2020
Last ModifiedJuly 29, 2020
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-476
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score4.3
SeverityMEDIUM
Exploitability Score8.6
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel********5.7
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationRedhat3scale2.0*******
    2.3ApplicationRedhatOpenstack13.0*******
    2.3ApplicationRedhatVirtualization Host4.0*******
    2.3OSDebianDebian Linux8.0*******
    2.3OSDebianDebian Linux9.0*******
    2.3OSDebianDebian Linux10*******
    2.3OSRedhatEnterprise Linux6.0*******
    2.3OSRedhatEnterprise Linux7.0*******
    2.3OSRedhatEnterprise Linux8.0*******
    2.3OSRedhatEnterprise Linux Aus7.4*******
    2.3OSRedhatEnterprise Linux Server Tus7.4*******
    2.3OSRedhatMessaging Realtime Grid2.0*******

Vulnerable Software List

VendorProductVersions
Debian Debian Linux 10, 8.0, 9.0
Redhat Openstack 13.0
Redhat 3scale 2.0
Redhat Virtualization Host 4.0
Redhat Enterprise Linux 6.0, 7.0, 8.0
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Aus 7.4
Redhat Messaging Realtime Grid 2.0
Linux Linux Kernel *

References

NameSourceURLTags
openSUSE-SU-2020:0801http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlSUSE
openSUSE-SU-2020:0935http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.htmlSUSE
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711CONFIRMIssue Tracking Patch Third Party Advisory
[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security updatehttps://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlMLISTThird Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0001/https://security.netapp.com/advisory/ntap-20200608-0001/CONFIRMThird Party Advisory
USN-4411-1https://usn.ubuntu.com/4411-1/UBUNTU
USN-4412-1https://usn.ubuntu.com/4412-1/UBUNTU
USN-4413-1https://usn.ubuntu.com/4413-1/UBUNTU
USN-4414-1https://usn.ubuntu.com/4414-1/UBUNTU
USN-4419-1https://usn.ubuntu.com/4419-1/UBUNTU
DSA-4698https://www.debian.org/security/2020/dsa-4698DEBIANThird Party Advisory
DSA-4699https://www.debian.org/security/2020/dsa-4699DEBIANThird Party Advisory
https://www.openwall.com/lists/oss-security/2020/05/12/2https://www.openwall.com/lists/oss-security/2020/05/12/2CONFIRMMailing List Patch Third Party Advisory