CVE-2020-25211 — Classic Buffer Overflow in Linux

CWE-120 — Classic Buffer Overflow CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer19 documents9 sources

Severity

6.0MEDIUMNVD

OSV7.8OSV5.5

EPSS

0.0%

top 87.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Debian Linux +3 more

Timeline

PublishedSep 9

Latest updateFeb 14

Description

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HExploitability: 0.8 | Impact: 5.2

Affected Packages6 packages

▶Debianlinux/linux_kernel< 5.8.14-1+3

▶Ubuntulinux/linux_kernel< 4.4.0-197.229+4

▶NVDlinux/linux_kernel5.8.7

▶debiandebian/linux< linux 5.8.14-1 (bookworm)

▶msrcmsrc/cm1_kernel_5.4.91-3_on_cbl_mariner_1.0

Also affects: Debian Linux 10.0, 9.0, Fedora 31, 32

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-q7g7-fmmr-xhp8: In the Linux kernel through 5↗2022-05-24

▶

OSV

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 regression↗2020-12-13

▶

OSV

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon regression↗2020-12-13

▶

OSV

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities↗2020-12-03

▶

OSV

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2020-12-03

▶

📋Vendor Advisories

Palo Alto

PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS↗2024-02-14

▶

Ubuntu

Linux kernel regression↗2020-12-13

▶

Ubuntu

Linux kernel regression↗2020-12-13

▶

Ubuntu

Linux kernel vulnerabilities↗2020-12-03

▶

Ubuntu

Linux kernel vulnerabilities↗2020-12-03

▶

💬Community

Bugzilla

CVE-2020-25211 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c [fedora-all]↗2020-09-09

▶

Bugzilla

CVE-2020-25211 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c↗2020-09-09

▶