CVE-2020-10751

MEDIUM EPSS 26.6%
Published May 26, 2020 (6y ago) · Modified Jun 17, 2026 (2w ago)
6.1 CVSS 3.1
Medium

Description

A flaw was found in the Linux kernel's SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.

CVSS Details

Base Score 6.1
Exploitability 1.8
Impact 4.2
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Low
Availability None

Threat Intelligence

EPSS Exploit Probability
26.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-345
CWE-349

Affected Products 3

Vendor    Product                    Version    Range
kernel    selinux                    *          <5.7
redhat    enterprise_linux_server    7.0        any
redhat    enterprise_linux_server    8.0        any

References 18

  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
  • openwall.com http://www.openwall.com/lists/oss-security/2020/05/27/3
    Mailing List, Third Party Advisory
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751
    Issue Tracking, Patch, Third Party Advisory
  • git.kernel.org https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6
    Patch, Vendor Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
  • lore.kernel.org https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg%40mail.gmail.com/
  • usn.ubuntu.com https://usn.ubuntu.com/4389-1/
  • usn.ubuntu.com https://usn.ubuntu.com/4390-1/
  • usn.ubuntu.com https://usn.ubuntu.com/4391-1/
  • usn.ubuntu.com https://usn.ubuntu.com/4412-1/
  • usn.ubuntu.com https://usn.ubuntu.com/4413-1/
  • debian.org https://www.debian.org/security/2020/dsa-4698
  • debian.org https://www.debian.org/security/2020/dsa-4699
  • openwall.com https://www.openwall.com/lists/oss-security/2020/04/30/5
    Mailing List, Third Party Advisory
  • oracle.com https://www.oracle.com/security-alerts/cpuApr2021.html

Remediation

  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751
    Issue Tracking, Patch, Third Party Advisory
  • git.kernel.org https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6
    Patch, Vendor Advisory