CVE-2020-10711

{"id": "CVE-2020-10711", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2020-05-22T15:15:11.207", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20200608-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/4411-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/4412-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/4413-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/4414-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/4419-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.debian.org/security/2020/dsa-4698", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.debian.org/security/2020/dsa-4699", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.openwall.com/lists/oss-security/2020/05/12/2", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de desreferencia de puntero NULL en el subsistema SELinux del kernel de Linux en versiones anteriores a 5.7. Este fallo se produce al importar la categor\u00eda de protocolo Commercial IP Security Option (CIPSO) en el mapa de bits extensible de SELinux por medio de la rutina \"ebitmap_netlbl_import\". Mientras procesa la etiqueta de mapa de bits restringido CIPSO en la rutina \"cipso_v4_parsetag_rbm\", establece el atributo de seguridad para indicar que la categor\u00eda de mapa de bits est\u00e1 presente, incluso si no ha sido asignada. Esto conlleva a un problema de desreferencia de puntero NULL al importar el mismo mapa de bits de categor\u00eda hacia SELinux. Este fallo permite a un usuario remoto de la red bloquear el kernel del sistema, resultando en una denegaci\u00f3n de servicio."}], "lastModified": "2023-11-07T03:14:16.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3821E00-CCBB-4CD4-AD2C-D47DFF2F5A34", "versionEndExcluding": "5.7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:3scale:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BBA2217-0805-427B-81E2-13516C0EDCFD"}, {"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED"}, {"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB33390A-F51F-4451-8FEA-7FC31F1AA51C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665"}, {"criteria": "cpe:2.3:o:redhat:messaging_realtime_grid:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F0ED77E-6D8E-48DF-9D2E-4E821399F893"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493"}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}