CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.

Link	Resource
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1cc5ef91d2ff94d2bf2de3b3585423e8a1051cb6	Exploit Mailing List
https://twitter.com/grsecurity/status/1303646421158109185	Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLDYVOM4OS55HA45Y3UEVLDHYGFXPZUX/	Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BL2O4JAMPJG4YMLLJ7JFDHDJRXN4RKTC/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20201009-0001/	Third Party Advisory
https://www.debian.org/security/2020/dsa-4774	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html	Mailing List Third Party Advisory

Configuration 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

---

Published : 2020-09-09 04:15

Updated : 2022-11-16 03:08

---

NVD link : CVE-2020-25211

Mitre link : CVE-2020-25211

No products.

CWE-120