
Remote denial of service in Linux kernel



Published: 2020-05-22
Severity Medium
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2020-10711
CWE ID CWE-476
Exploitation vector Network
Public exploit N/A
Vulnerable software
Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Advisory

This security advisory describes one medium risk vulnerability.

1) NULL pointer dereference

Severity: Medium

CVSSv3: 6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10711

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel's SELinux subsystem when importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the 'ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag, the 'cipso_v4_parsetag_rbm' routine sets the security attribute flag indicating that a category bitmap is present even when no bitmap has been allocated, so the import routine later dereferences a NULL pointer.

A remote attacker can send specially crafted packets to the affected system, trigger the NULL pointer dereference and crash the Linux kernel.
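The parse-then-import sequence described above, as an added example that is not part of this advisory or of the kernel source: a stand-alone C model in which the tag parser raises the "categories present" flag before knowing whether a category map was allocated, beside a version that raises it only once one exists, and an import step that trusts the flag. Every name here (map_cat_rbm, parsetag_rbm_vuln, parsetag_rbm_fixed, ebitmap_import, the single-word catmap, the two constructed tag byte strings) is an assumption of the model, and the NULL case is reported as a status code instead of being dereferenced so the program survives where the kernel would oops.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Model of the parse/import interaction the advisory describes. Names echo the
 * kernel's for readability, but this is added example code, not kernel code:
 * the catmap is one 64-bit word and a "tag" is just the restricted-bitmap CIPSO
 * tag body (type, length, reserved, sensitivity level, bitmap bytes...). */

#define NETLBL_SECATTR_MLS_CAT 0x1u
#define RBM_HDR_LEN 4u   /* tag type, tag length, reserved, sensitivity level */

struct catmap { uint64_t bits; };
struct secattr { unsigned flags; struct catmap *cat; };

/* Model of the bitmap-to-catmap mapping step: allocate a catmap only when at
 * least one category bit is set (model assumption). An all-zero bitmap leaves
 * *out NULL and still reports success. */
static int map_cat_rbm(const uint8_t *bitmap, size_t len, struct catmap **out)
{
    uint64_t bits = 0;
    for (size_t i = 0; i < len && i < sizeof bits; i++)
        bits |= (uint64_t)bitmap[i] << (8 * i);
    if (bits == 0) {
        *out = NULL;             /* nothing to record: no allocation */
        return 0;
    }
    struct catmap *m = malloc(sizeof *m);
    if (m == NULL)
        return -1;
    m->bits = bits;
    *out = m;
    return 0;
}

/* Vulnerable shape: the flag is raised as soon as the tag is long enough to
 * carry a bitmap, before anyone knows whether a catmap was allocated. */
static int parsetag_rbm_vuln(const uint8_t *tag, size_t tag_len, struct secattr *sa)
{
    if (tag_len < RBM_HDR_LEN)
        return -1;
    if (tag_len > RBM_HDR_LEN) {
        sa->flags |= NETLBL_SECATTR_MLS_CAT;
        return map_cat_rbm(tag + RBM_HDR_LEN, tag_len - RBM_HDR_LEN, &sa->cat);
    }
    return 0;
}

/* Hardened shape: raise the flag only after a catmap actually exists. */
static int parsetag_rbm_fixed(const uint8_t *tag, size_t tag_len, struct secattr *sa)
{
    if (tag_len < RBM_HDR_LEN)
        return -1;
    if (tag_len > RBM_HDR_LEN) {
        int rc = map_cat_rbm(tag + RBM_HDR_LEN, tag_len - RBM_HDR_LEN, &sa->cat);
        if (rc != 0)
            return rc;
        if (sa->cat != NULL)
            sa->flags |= NETLBL_SECATTR_MLS_CAT;
    }
    return 0;
}

/* Model of the SELinux import: it trusts the flag. In the kernel the NULL case
 * is a dereference; here it is reported as -2 (the CWE-476 site). */
static int ebitmap_import(const struct secattr *sa, uint64_t *out)
{
    if (!(sa->flags & NETLBL_SECATTR_MLS_CAT)) {
        *out = 0;
        return 0;
    }
    if (sa->cat == NULL)
        return -2;
    *out = sa->cat->bits;
    return 0;
}

typedef int (*parsetag_fn)(const uint8_t *, size_t, struct secattr *);

/* Run one tag through a parser and then the import; return the final status. */
int run_tag(parsetag_fn parse, const uint8_t *tag, size_t tag_len)
{
    struct secattr sa = { 0, NULL };
    uint64_t cats = 0;
    int rc = parse(tag, tag_len, &sa);
    if (rc == 0)
        rc = ebitmap_import(&sa, &cats);
    free(sa.cat);
    return rc;
}

/* Constructed inputs: type 1, length 6, reserved, level 0, two bitmap bytes. */
static const uint8_t TAG_EMPTY_BITMAP[] = { 0x01, 0x06, 0x00, 0x00, 0x00, 0x00 };
static const uint8_t TAG_WITH_CATS[]    = { 0x01, 0x06, 0x00, 0x00, 0x80, 0x01 };

int vuln_empty_status(void)  { return run_tag(parsetag_rbm_vuln,  TAG_EMPTY_BITMAP, sizeof TAG_EMPTY_BITMAP); }
int fixed_empty_status(void) { return run_tag(parsetag_rbm_fixed, TAG_EMPTY_BITMAP, sizeof TAG_EMPTY_BITMAP); }
int fixed_cats_status(void)  { return run_tag(parsetag_rbm_fixed, TAG_WITH_CATS,    sizeof TAG_WITH_CATS); }

int main(void)
{
    printf("vulnerable parser, empty bitmap: %d\n", vuln_empty_status());
    printf("fixed parser, empty bitmap:      %d\n", fixed_empty_status());
    printf("fixed parser, with categories:   %d\n", fixed_cats_status());
    return 0;
}
```

The empty bitmap is the interesting input: it is long enough to pass the length check, so the vulnerable parser advertises categories, yet the mapping step allocates nothing, and the import then reaches the NULL pointer. The fixed parser keys the flag on the allocation rather than on the tag length, so the same input is imported as "no categories".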

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Linux kernel: 2.6, 2.6.2, 2.6.2.27.13, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.8.1, 2.6.8.1.5, 2.6.9, 2.6.11_rc1_bk6, 2.6.12-rc2, 2.6.15.8, 2.6.15.9, 2.6.15.10, 2.6.15.11, 2.6.16.4, 2.6.16.5, 2.6.16.6, 2.6.16.7, 2.6.16.8, 2.6.16.9, 2.6.16.31, 2.6.16.31-rc1, 2.6.16.31-rc2, 2.6.16.31-rc3, 2.6.16.31-rc4, 2.6.16.31-rc5, 2.6.16.32, 2.6.16.33, 2.6.16.34, 2.6.16.35, 2.6.16.36, 2.6.16.37, 2.6.16.38, 2.6.16.39, 2.6.16.40, 2.6.16.41, 2.6.16.42, 2.6.16.43, 2.6.16.44, 2.6.16.45, 2.6.16.46, 2.6.16.47, 2.6.16.48, 2.6.16.49, 2.6.16.50, 2.6.16.51, 2.6.16.52, 2.6.16.53, 2.6.16.54, 2.6.16.55, 2.6.16.56, 2.6.16.57, 2.6.16.58, 2.6.16.59, 2.6.16.60, 2.6.16.61, 2.6.16.62, 2.6.16_rc7, 2.6.17, 2.6.17.1, 2.6.17.2, 2.6.17.3, 2.6.17.4, 2.6.17.5, 2.6.17.6, 2.6.17.7, 2.6.17.8, 2.6.17.9, 2.6.17.10, 2.6.17.11, 2.6.17.12, 2.6.17.13, 2.6.17.14, 2.6.18, 2.6.18-rc1, 2.6.18-rc2, 2.6.18-rc3, 2.6.18-rc4, 2.6.18-rc5, 2.6.18-rc6, 2.6.18-rc7, 2.6.18.1, 2.6.18.2, 2.6.18.3, 2.6.18.4, 2.6.18.5, 2.6.18.6, 2.6.18.7, 2.6.18.8, 2.6.19, 2.6.19.1, 2.6.19.2, 2.6.19.3, 2.6.19.4, 2.6.19.5, 2.6.19.6, 2.6.19.7, 2.6.20, 2.6.20.1, 2.6.20.2, 2.6.20.3, 2.6.20.4, 2.6.20.5, 2.6.20.6, 2.6.20.7, 2.6.20.8, 2.6.20.9, 2.6.20.10, 2.6.20.11, 2.6.20.12, 2.6.20.13, 2.6.20.14, 2.6.20.15, 2.6.20.16, 2.6.20.17, 2.6.20.18, 2.6.20.19, 2.6.20.20, 2.6.20.21, 2.6.21, 2.6.21.1, 2.6.21.2, 2.6.21.3, 2.6.21.4, 2.6.21.5, 2.6.21.6, 2.6.21.7, 2.6.21_rc4, 2.6.22, 2.6.22.1, 2.6.22.2, 2.6.22.3, 2.6.22.4, 2.6.22.5, 2.6.22.6, 2.6.22.7, 2.6.22.8, 2.6.22.9, 2.6.22.10, 2.6.22.11, 2.6.22.12, 2.6.22.13, 2.6.22.14, 2.6.22.15, 2.6.22.16, 2.6.22.17, 2.6.22.18, 2.6.22.19, 2.6.22.20, 2.6.22.21, 2.6.22.22, 2.6.22_rc1, 2.6.22_rc7, 2.6.23, 2.6.23-rc1, 2.6.23-rc2, 2.6.23.1, 2.6.23.2, 2.6.23.3, 2.6.23.4, 2.6.23.5, 2.6.23.6, 2.6.23.7, 2.6.23.8, 2.6.23.9, 2.6.23.10, 2.6.23.11, 2.6.23.12, 2.6.23.13, 2.6.23.14, 2.6.23.15, 2.6.23.16, 2.6.23.17, 2.6.23_rc1, 2.6.24, 2.6.24-rc1, 2.6.24-rc2, 2.6.24-rc3, 2.6.24-rc4, 2.6.24-rc5, 2.6.24.1, 2.6.24.2, 2.6.24.3, 2.6.24.4, 
2.6.24.5, 2.6.24.6, 2.6.24.7, 2.6.24_rc1, 2.6.24_rc4, 2.6.24_rc5, 2.6.25, 2.6.25.1, 2.6.25.2, 2.6.25.3, 2.6.25.4, 2.6.25.5, 2.6.25.6, 2.6.25.7, 2.6.25.8, 2.6.25.9, 2.6.25.10, 2.6.25.11, 2.6.25.12, 2.6.25.13, 2.6.25.14, 2.6.25.15, 2.6.25.16, 2.6.25.17, 2.6.25.18, 2.6.25.19, 2.6.25.20, 2.6.26, 2.6.26-rc4, 2.6.26.1, 2.6.26.2, 2.6.26.3, 2.6.26.4, 2.6.26.5, 2.6.26.6, 2.6.26.7, 2.6.26.8, 2.6.27, 2.6.27-rc1, 2.6.27-rc2, 2.6.27-rc3, 2.6.27-rc4, 2.6.27-rc5, 2.6.27-rc6, 2.6.27-rc7, 2.6.27-rc8, 2.6.27-rc9, 2.6.27.1, 2.6.27.2, 2.6.27.3, 2.6.27.4, 2.6.27.5, 2.6.27.6, 2.6.27.7, 2.6.27.8, 2.6.27.9, 2.6.27.10, 2.6.27.11, 2.6.27.12, 2.6.27.13, 2.6.27.14, 2.6.27.15, 2.6.27.16, 2.6.27.17, 2.6.27.18, 2.6.27.19, 2.6.27.20, 2.6.27.21, 2.6.27.22, 2.6.27.23, 2.6.27.24, 2.6.27.25, 2.6.27.26, 2.6.27.27, 2.6.27.28, 2.6.27.29, 2.6.27.30, 2.6.27.31, 2.6.27.32, 2.6.27.33, 2.6.27.34, 2.6.27.35, 2.6.27.36, 2.6.27.37, 2.6.27.38, 2.6.27.39, 2.6.27.40, 2.6.27.41, 2.6.27.42, 2.6.27.43, 2.6.27.44, 2.6.27.45, 2.6.27.46, 2.6.27.47, 2.6.27.48, 2.6.27.49, 2.6.27.50, 2.6.27.51, 2.6.27.52, 2.6.27.53, 2.6.27.54, 2.6.27.55, 2.6.27.56, 2.6.27.57, 2.6.27.58, 2.6.27.59, 2.6.27.60, 2.6.27.61, 2.6.27.62, 2.6.28, 2.6.28-git7, 2.6.28-rc1, 2.6.28-rc2, 2.6.28-rc3, 2.6.28-rc4, 2.6.28-rc5, 2.6.28-rc6, 2.6.28-rc7, 2.6.28.1, 2.6.28.2, 2.6.28.3, 2.6.28.4, 2.6.28.5, 2.6.28.6, 2.6.28.7, 2.6.28.8, 2.6.28.9, 2.6.28.10, 2.6.29, 2.6.29-git1, 2.6.29-rc1, 2.6.29-rc2, 2.6.29-rc2-git7, 2.6.29-rc8-kk, 2.6.29.1, 2.6.29.2, 2.6.29.3, 2.6.29.4, 2.6.29.5, 2.6.29.6, 2.6.29.rc1, 2.6.29.rc2, 2.6.29.rc2-git1, 2.6.30, 2.6.30-rc1, 2.6.30-rc2, 2.6.30-rc3, 2.6.30-rc5, 2.6.30-rc6, 2.6.30-rc7-git6, 2.6.30.1, 2.6.30.2, 2.6.30.3, 2.6.30.4, 2.6.30.5, 2.6.30.6, 2.6.30.7, 2.6.30.8, 2.6.30.9, 2.6.30.10, 2.6.30.y, 2.6.31, 2.6.31-rc1, 2.6.31-rc2, 2.6.31-rc3, 2.6.31-rc4, 2.6.31-rc5, 2.6.31-rc6, 2.6.31-rc7, 2.6.31-rc8, 2.6.31.1, 2.6.31.2, 2.6.31.3, 2.6.31.4, 2.6.31.5, 2.6.31.6, 2.6.31.7, 2.6.31.8, 2.6.31.9, 2.6.31.10, 2.6.31.11, 2.6.31.12, 2.6.31.13, 
2.6.31.14, 2.6.32, 2.6.32-git-6, 2.6.32-rc1, 2.6.32-rc3, 2.6.32-rc4, 2.6.32-rc5, 2.6.32-rc6, 2.6.32-rc7, 2.6.32-rc8, 2.6.32.1, 2.6.32.2, 2.6.32.3, 2.6.32.4, 2.6.32.5, 2.6.32.6, 2.6.32.7, 2.6.32.8, 2.6.32.9, 2.6.32.10, 2.6.32.11, 2.6.32.12, 2.6.32.13, 2.6.32.14, 2.6.32.15, 2.6.32.16, 2.6.32.17, 2.6.32.18, 2.6.32.19, 2.6.32.20, 2.6.32.21, 2.6.32.22, 2.6.32.23, 2.6.32.24, 2.6.32.25, 2.6.32.26, 2.6.32.27, 2.6.32.50, 2.6.32.51, 2.6.32.52, 2.6.32.53, 2.6.32.54, 2.6.32.55, 2.6.32.56, 2.6.32.57, 2.6.32.58, 2.6.33, 2.6.33-rc1, 2.6.33-rc2, 2.6.33-rc3, 2.6.33-rc4, 2.6.33-rc5, 2.6.33-rc6, 2.6.33-rc7, 2.6.33.1, 2.6.33.2, 2.6.33.3, 2.6.33.4, 2.6.33.5, 2.6.33.6, 2.6.33.7, 2.6.33.8, 2.6.33.9, 2.6.33.10, 2.6.33.11, 2.6.33.12, 2.6.33.13, 2.6.33.14, 2.6.33.15, 2.6.33.16, 2.6.33.17, 2.6.33.18, 2.6.33.19, 2.6.33.20, 2.6.34, 2.6.34.1, 2.6.34.2, 2.6.34.3, 2.6.34.4, 2.6.34.5, 2.6.34.6, 2.6.34.7, 2.6.34.8, 2.6.34.9, 2.6.34.10, 2.6.35, 2.6.35.1, 2.6.35.2, 2.6.35.3, 2.6.35.4, 2.6.35.5, 2.6.35.6, 2.6.35.7, 2.6.35.8, 2.6.35.9, 2.6.35.10, 2.6.35.11, 2.6.35.12, 2.6.35.13, 2.6.36, 2.6.36-rc1, 2.6.36-rc2, 2.6.36-rc3, 2.6.36.1, 2.6.36.2, 2.6.36.3, 2.6.36.4, 2.6.37, 2.6.37.1, 2.6.37.2, 2.6.37.3, 2.6.37.4, 2.6.37.5, 2.6.37.6, 2.6.38, 2.6.38.1, 2.6.38.2, 2.6.38.3, 2.6.38.4, 2.6.38.5, 2.6.38.6, 2.6.38.7, 2.6.38.8, 2.6.39, 2.6.39.1, 2.6.39.2, 2.6.39.3, 2.6.39.4, 2.6_test9_cvs, 3.10, 3.10.0, 3.10.1, 3.10.2, 3.10.3, 3.10.4, 3.10.5, 3.10.6, 3.10.7, 3.10.8, 3.10.9, 3.10.10, 3.10.11, 3.10.12, 3.10.13, 3.10.14, 3.10.15, 3.10.16, 3.10.17, 3.10.18, 3.10.19, 3.10.20, 3.10.21, 3.10.22, 3.10.23, 3.10.24, 3.10.25, 3.10.26, 3.10.27, 3.10.28, 3.10.29, 3.10.30, 3.10.31, 3.10.32, 3.10.33, 3.10.34, 3.10.35, 3.10.36, 3.10.37, 3.10.38, 3.10.39, 3.10.40, 3.10.41, 3.10.42, 3.10.43, 3.10.44, 3.10.45, 3.10.46, 3.10.47, 3.10.48, 3.10.49, 3.10.50, 3.10.51, 3.10.52, 3.10.53, 3.10.54, 3.10.55, 3.10.56, 3.10.57, 3.10.58, 3.10.59, 3.10.60, 3.10.61, 3.10.62, 3.10.63, 3.10.64, 3.10.65, 3.10.66, 3.10.67, 3.10.68, 3.10.69, 3.10.70, 
3.10.71, 3.10.72, 3.10.73, 3.10.74, 3.10.75, 3.10.76, 3.10.77, 3.10.78, 3.10.79, 3.10.80, 3.10.81, 3.10.82, 3.10.83, 3.10.84, 3.10.85, 3.10.86, 3.10.87, 3.10.88, 3.10.89, 3.10.90, 3.10.91, 3.10.92, 3.10.93, 3.10.94, 3.10.95, 3.10.96, 3.10.97, 3.10.98, 3.10.99, 3.10.100, 3.10.101, 3.10.102, 3.10.103, 3.10.104, 3.10.105, 3.10.106, 3.10.107, 4.18, 4.18.1, 4.18.2, 4.18.3, 4.18.4, 4.18.5, 4.18.6, 4.18.7, 4.18.8, 4.18.9, 4.18.10, 4.18.11, 4.18.12, 4.18.13, 4.18.14, 4.18.15, 4.18.16, 4.18.17, 4.18.18, 4.18.19, 4.18.20, 5.0, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0.11, 5.0.12, 5.0.13, 5.0.14, 5.0.15, 5.0.16, 5.0.17, 5.0.18, 5.0.19, 5.0.20, 5.0.21

External links

https://www.openwall.com/lists/oss-security/2020/05/12/2
https://access.redhat.com/security/cve/cve-2020-10711
https://bugzilla.redhat.com/show_bug.cgi?id=1825116
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4b8feff251da3d7058b5779e21b33a85c686b974

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.