CVE-2020-36516
published 2022-02-26CVE-2020-36516: An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path…
medium5.9CVSS 3.1
AVNACHPRLUINSUCNIHAL
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.16.7-1 (bookworm) | linux 5.16.7-1 (bookworm) |
| linux | linux_kernel | <= 5.6.11 | — |
| linux | linux_kernel | >= 0 < 5.10.103-1 | 5.10.103-1 |
| linux | linux_kernel | >= 0 < 5.16.7-1 | 5.16.7-1 |
| linux | linux_kernel | >= 0 < 5.16.7-1 | 5.16.7-1 |
| linux | linux_kernel | >= 0 < 5.16.7-1 | 5.16.7-1 |
| linux | linux_kernel | >= 0 < 4.4.0-239.273 | 4.4.0-239.273 |
| netapp | e-series_santricity_os_controller | >= 11.0 | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
osv5.9MEDIUM