#VU49150 Use of insufficiently random values in Linux kernel


Published: 2021-08-15

Vulnerability identifier: #VU49150

Vulnerability risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-25705

CWE-ID: CWE-330

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor:

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://bugzilla.redhat.com/show_bug.cgi?id=1894579
http://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
http://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
http://security.netapp.com/advisory/ntap-20201210-0002/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability


Use of insufficiently random values in IBM MQ Appliance
Use of insufficiently random values in IBM DataPower Gateway
Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)
Multiple vulnerabilities in Juniper Networks Session Smart Router
IBM Security Guardium update for Linux kernel
Multiple vulnerabilities in Junos Space
Red Hat Enterprise Linux 7.6 update for kernel
Red Hat Enterprise Linux 7.4 update for kernel
Red Hat Enterprise Linux 7.7 update for kernel
Use of insufficiently random values in Siemens Linux Based Products