CVE-2020-10751

CVSS V2 Low 3.6 CVSS V3 Medium 6.1
Description
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.
Overview
  • CVE ID
  • CVE-2020-10751
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2020-05-26T15:15:10
  • Last Modified Date
  • 2023-02-12T23:39:18
Weakness Enumerations
CWE URL
CWE-349 http://cwe.mitre.org/data/definitions/349.html
CWE-345 http://cwe.mitre.org/data/definitions/345.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:kernel:selinux:*:*:*:*:*:*:*:* 1 OR 5.7
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:L/Au:N/C:P/I:P/A:N
  • Access Vector
  • LOCAL
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • NONE
  • Base Score
  • 3.6
  • Severity
  • LOW
  • Exploitability Score
  • 3.9
  • Impact Score
  • 4.9
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
  • Attack Vector
  • LOCAL
  • Attack Compatibility
  • LOW
  • Privileges Required
  • LOW
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • NONE
  • Base Score
  • 6.1
  • Base Severity
  • MEDIUM
  • Exploitability Score
  • 1.8
  • Impact Score
  • 4.2
References
Reference URL Reference Tags
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
http://www.openwall.com/lists/oss-security/2020/05/27/3 Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:4060
https://access.redhat.com/errata/RHSA-2020:4062
https://access.redhat.com/errata/RHSA-2020:4431
https://access.redhat.com/errata/RHSA-2020:4609
https://access.redhat.com/security/cve/CVE-2020-10751
https://bugzilla.redhat.com/show_bug.cgi?id=1839634
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751 Issue Tracking Patch Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6 Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg%40mail.gmail.com/
https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/ Mailing List Vendor Advisory
https://usn.ubuntu.com/4389-1/
https://usn.ubuntu.com/4390-1/
https://usn.ubuntu.com/4391-1/
https://usn.ubuntu.com/4412-1/
https://usn.ubuntu.com/4413-1/
https://www.debian.org/security/2020/dsa-4698
https://www.debian.org/security/2020/dsa-4699
https://www.openwall.com/lists/oss-security/2020/04/30/5 Mailing List Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2020-10751
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10751
History
Created Old Value New Value Data Type Notes
2022-05-10 07:11:38 Added to TrackCVE
2022-12-04 16:58:05 2020-05-26T15:15Z 2020-05-26T15:15:10 CVE Published Date updated
2022-12-04 16:58:05 2021-06-14T18:15:20 CVE Modified Date updated
2022-12-04 16:58:05 Modified Vulnerability Status updated
2023-02-02 22:10:52 2023-02-02T21:19:23 CVE Modified Date updated
2023-02-02 22:10:53 Weakness Enumeration update
2023-02-02 22:10:53 A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing. A flaw was found in the Linux kernel’s SELinux LSM hook implementation, where it anticipated the skb would only contain a single Netlink message. The hook incorrectly validated the first Netlink message in the skb only, to allow or deny the rest of the messages within the skb with the granted permissions and without further processing. At this time, there is no known ability for an attacker to abuse this flaw. Description updated
2023-02-02 22:10:54 References updated
2023-02-13 00:11:00 2023-02-12T23:39:18 CVE Modified Date updated
2023-02-13 00:11:00 Weakness Enumeration update
2023-02-13 00:11:00 A flaw was found in the Linux kernel’s SELinux LSM hook implementation, where it anticipated the skb would only contain a single Netlink message. The hook incorrectly validated the first Netlink message in the skb only, to allow or deny the rest of the messages within the skb with the granted permissions and without further processing. At this time, there is no known ability for an attacker to abuse this flaw. A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing. Description updated