Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-36691

Опубликовано: 30 апр. 2020
Источник: redhat
CVSS3: 5.9

Описание

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

A flaw was found in lib/nlattr.c in the Linux kernel, before 5.8. This issue may allow an attacker to cause a denial of service (unbounded recursion) through a nested Netlink policy with a back reference.

Отчет

The affected code was not introduced into any kernel versions shipped with Red Hat Enterprise Linux; This vulnerability is not applicable to these platforms.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-674
https://bugzilla.redhat.com/show_bug.cgi?id=2181614kernel: lib/nlattr.c allows attackers to cause a denial of service

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-36691

CVSS3: 5.5
ubuntu
почти 3 года назад

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

nvd логотип

CVE-2020-36691

CVSS3: 5.5
nvd
почти 3 года назад

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

debian логотип

CVE-2020-36691

CVSS3: 5.5
debian
почти 3 года назад

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c a ...

github логотип

GHSA-m5p2-59ff-782g

CVSS3: 5.5
github
почти 3 года назад

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

fstec логотип

BDU:2023-01750

CVSS3: 5.5
fstec
почти 6 лет назад

Уязвимость компонента lib/nlattr.c ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

5.9 Medium

CVSS3