Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-26541

Опубликовано: 15 сент. 2020
Источник: redhat
CVSS3: 6.5

Описание

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

A flaw was found in the Linux kernel in certs/blacklist.c, When signature entries for EFI_CERT_X509_GUID are contained in the Secure Boot Forbidden Signature Database, the entries are skipped. This can cause a security threat and breach system integrity, confidentiality and even lead to a denial of service problem.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altWill not fix
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise MRG 2kernelNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2021:259929.06.2021
Red Hat Enterprise Linux 8kernelFixedRHSA-2021:257029.06.2021
Red Hat Enterprise Linux 8.1 Extended Update SupportkernelFixedRHSA-2021:266607.07.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-347->CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1886285kernel: security bypass in certs/blacklist.c and certs/system_keyring.c

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-26541

CVSS3: 6.5
ubuntu
больше 4 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

nvd логотип

CVE-2020-26541

CVSS3: 6.5
nvd
больше 4 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

msrc логотип

CVE-2020-26541

CVSS3: 6.5
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-26541

CVSS3: 6.5
debian
больше 4 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure B ...

github логотип

GHSA-f823-qm69-5873

github
около 3 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

6.5 Medium

CVSS3