CVE-2020-25211
CVSS v3.1
6 (Medium)
CVSS v2.0
3.6 (Low)
EPSS
0.04 % (5th)
Affected Products
3
Advisories
28
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
Weaknesses
- CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2020-09-09 16:15:12
(4 years ago) - Updated Date
-
2023-11-07 03:20:13
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...