Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

Low

Attack Vector

Local

0

CVE-2020-10751

Disclosure Date: May 26, 2020 •

CVE-2020-10751 CVSS v3 Base Score: 6.1

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.1 Medium

Impact Score:

4.2

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

Low

Availability (A):

None

Vendors

kernel,
redhat

Products

enterprise linux server 7.0,
enterprise linux server 8.0,
selinux

References

Canonical

CVE-2020-10751 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10751)

Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6

https://www.openwall.com/lists/oss-security/2020/04/30/5

https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com

[oss-security] 20200527 CVE-2020-10751 - Linux kernel: SELinux netlink permission check bypass (http://www.openwall.com/lists/oss-security/2020/05/27/3)

[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update (https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html)

[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update (https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html)

[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update (https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html)

DSA-4698 (https://www.debian.org/security/2020/dsa-4698)

DSA-4699 (https://www.debian.org/security/2020/dsa-4699)

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

USN-4389-1 (https://usn.ubuntu.com/4389-1)

USN-4390-1 (https://usn.ubuntu.com/4390-1)

USN-4391-1 (https://usn.ubuntu.com/4391-1)

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

USN-4413-1 (https://usn.ubuntu.com/4413-1)

USN-4412-1 (https://usn.ubuntu.com/4412-1)

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6

https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/

USN-4389-1 (https://usn.ubuntu.com/4389-1/)

USN-4390-1 (https://usn.ubuntu.com/4390-1/)

USN-4391-1 (https://usn.ubuntu.com/4391-1/)

USN-4413-1 (https://usn.ubuntu.com/4413-1/)

USN-4412-1 (https://usn.ubuntu.com/4412-1/)

Miscellaneous

https://www.oracle.com/security-alerts/cpuApr2021.html

https://access.redhat.com/errata/RHSA-2020:4060

https://access.redhat.com/errata/RHSA-2020:4062

https://access.redhat.com/errata/RHSA-2020:4431

https://access.redhat.com/errata/RHSA-2020:4609

https://access.redhat.com/security/cve/CVE-2020-10751

https://bugzilla.redhat.com/show_bug.cgi?id=1839634

https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg%40mail.gmail.com/

Rapid7

Technical Analysis