what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

CVE-2020-10711

Status Candidate

Overview

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

Related Files

Ubuntu Security Notice USN-4419-1
Posted Jul 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4419-1 - It was discovered that a race condition existed in the Precision Time Protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-10690, CVE-2020-10711, CVE-2020-12770, CVE-2020-13143, CVE-2020-8992
SHA-256 | 4da1e70f72813a472a68df996a4ae3d56a0d2cc5f549bb57117ac1b67dbd4036
Ubuntu Security Notice USN-4413-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4413-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-10711, CVE-2020-10751, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 7a63d1c745b27c7f807d07be0abf46a26c852cbe525f46d1aa4f51136fa76590
Ubuntu Security Notice USN-4412-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4412-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-10711, CVE-2020-10751, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 4ff2368c3d486b4136ca213bbadd144700d05b48e79abfc439bdeeb2dc463585
Ubuntu Security Notice USN-4411-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4411-1 - It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-10711, CVE-2020-10732, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 77e9c423b2b22128a3f4021165dc16f0f69900cc8b3347190e6b8901fb3fdede
Ubuntu Security Notice USN-4414-1
Posted Jul 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4414-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2019-12380, CVE-2019-16089, CVE-2019-19039, CVE-2019-19318, CVE-2019-19377, CVE-2019-19462, CVE-2019-19813, CVE-2019-19816, CVE-2020-10711, CVE-2020-12770, CVE-2020-13143
SHA-256 | ec1a7baec52bd131ecb393a55700b5d470ac7a5dd70696941fbd4f55b47787c4
Debian Security Advisory 4698-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4698-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-19319, CVE-2019-19462, CVE-2019-19768, CVE-2019-20806, CVE-2019-20811, CVE-2019-2182, CVE-2019-5108, CVE-2020-0543, CVE-2020-10711, CVE-2020-10732, CVE-2020-10751, CVE-2020-10757, CVE-2020-10942, CVE-2020-11494
SHA-256 | 6b0461d5fdc0442553e93411732b13c0f292cb8ee0cf3b5b3b0228efca950d91
Debian Security Advisory 4699-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4699-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-19462, CVE-2019-3016, CVE-2020-0543, CVE-2020-10711, CVE-2020-10732, CVE-2020-10751, CVE-2020-10757, CVE-2020-12114, CVE-2020-12464, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 5c9b08156b9df614e0b461fd3ef88e61fe9ad766f6bfda59ca0dca4bd59df181
Red Hat Security Advisory 2020-2522-01
Posted Jun 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, double free, integer overflow, memory leak, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2018-20169, CVE-2018-7191, CVE-2019-10639, CVE-2019-12382, CVE-2019-13233, CVE-2019-14283, CVE-2019-15916, CVE-2019-19768, CVE-2019-3901, CVE-2019-9503, CVE-2020-10711
SHA-256 | e4e407d5d11456415fbd17c67e612fad4cfe0d3826d8690e6621a9db97576147
Red Hat Security Advisory 2020-2519-01
Posted Jun 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2519-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19768, CVE-2020-10711
SHA-256 | 6cfc0f58090649f9090185b8c992ea7ea3a4d17ae7494207f5a23d75df1ee10a
Red Hat Security Advisory 2020-2429-01
Posted Jun 9, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2429-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-18660, CVE-2020-10711, CVE-2020-11884, CVE-2020-12657
SHA-256 | acf6009658433ea09ea51dd431d7f820db4e2be059016b37b0080cfbaed916f4
Red Hat Security Advisory 2020-2291-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2291-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19768, CVE-2020-10711
SHA-256 | ee45b6f042e6c691076480d16fcf830d4e740aa874df2048554f2cbfc377a42e
Red Hat Security Advisory 2020-2289-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2289-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, heap overflow, memory leak, null pointer, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-10126, CVE-2019-19768, CVE-2019-3846, CVE-2020-10711
SHA-256 | ca1a3813a0ecbcf9e2f73b9ff16150fb54c458acd38a43569a373d34d79a64fa
Red Hat Security Advisory 2020-2277-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2277-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
SHA-256 | efe3145206f11b3e50ccbf503ead77fc3430350fad092aff5f0600584c28e720
Red Hat Security Advisory 2020-2285-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2285-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
SHA-256 | ada265fb400fc2098c203f3e9ade8514a0113d55caa666df2cae0a77fa52de69
Red Hat Security Advisory 2020-2242-01
Posted May 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2242-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
SHA-256 | 2cb694524e3da29b25481569692ca7d659c95c88727071a36fd595125f080c3f
Red Hat Security Advisory 2020-2214-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2214-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
SHA-256 | 9861ea3ee64da4b2bdb1079921a0a087fea60a45825bdb80bdd0d1c5a068203e
Red Hat Security Advisory 2020-2199-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2199-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19768, CVE-2020-10711, CVE-2020-11884
SHA-256 | f7ea6ff56060539cc8fd204ebbdc3d293fba3c3860a375f8a984a14366ee7d11
Red Hat Security Advisory 2020-2203-01
Posted May 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2203-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include null pointer and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-19768, CVE-2020-10711
SHA-256 | d4db30bdd1e2a8ecd05d7cf8c5026f12278e19c96579c9f09c92489d11501e52
Red Hat Security Advisory 2020-2171-01
Posted May 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2171-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a null pointer vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-10711, CVE-2020-2732
SHA-256 | 55fdf582995ed3e27dc27b9dcc33893fd3b2930f09f41646e16f46fe73d4e72b
Red Hat Security Advisory 2020-2125-01
Posted May 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2125-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a null pointer vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-10711
SHA-256 | 275a9c1a7615f3f2122d778aecab4e9e96c32af921b3351aed2cfaba0a9c8190
Red Hat Security Advisory 2020-2082-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2082-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, memory leak, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
SHA-256 | 438552c618e8448c249b09fd48a41683780f74a25b518e02c76eaa8a1fe4f389
Red Hat Security Advisory 2020-2085-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2085-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include double free, null pointer, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18595, CVE-2019-19768, CVE-2020-10711
SHA-256 | 1da5837554e325f987c40003b0a17d619fa93c955d1672b81131b48541ccb998
Red Hat Security Advisory 2020-2103-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2103-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a null pointer vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-10711
SHA-256 | 69685ae64b17508993819bf6c3821f813401d7c1dd2d06f0f0993fb31a955491
Red Hat Security Advisory 2020-2102-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2102-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and privilege escalation vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-10711, CVE-2020-11884, CVE-2020-2732
SHA-256 | d01822cdefd2a8f7c8259298b15c20b0cf838de3b4b6e40ca1190fff779c9619
Red Hat Security Advisory 2020-2104-01
Posted May 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2104-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service, double free, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-18551, CVE-2017-18595, CVE-2019-12614, CVE-2019-15538, CVE-2019-19447, CVE-2019-19524, CVE-2019-19768, CVE-2019-9454, CVE-2020-10711, CVE-2020-9383
SHA-256 | 55f2ffea99360d36e4e47e4a4596c9101c111085b9c05e6e7bde118e57a5e0ee
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close