1. Home
  2. Vulnerabilities
  3. CVE-2020-25645

CVE-2020-25645

CVSS v3.1 7.5 (High)
75% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 1.13 % (85th)
1.13% Progress
Affected Products 8
Advisories 40
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.

Weaknesses
CWE-319
Cleartext Transmission of Sensitive Information
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2020-10-13 20:15:12
(3 years ago)
Updated Date
2021-03-26 02:25:39
(3 years ago)

Affected Products

Canonical

Debian

Linux

Netapp

Opensuse

Configuration #1

AND
    CPE23 From Up To
OR  
  Linux Kernel prior 5.9.0 version cpe:2.3:o:linux:linux_kernel < 5.9.0
OR  
  Running on/with
  Linux Kernel 5.9.0 cpe:2.3:o:linux:linux_kernel:5.9.0:-
OR  
  Running on/with
  Linux Kernel 5.9.0 Rc1 cpe:2.3:o:linux:linux_kernel:5.9.0:rc1
OR  
  Running on/with
  Linux Kernel 5.9.0 Rc2 cpe:2.3:o:linux:linux_kernel:5.9.0:rc2
OR  
  Running on/with
  Linux Kernel 5.9.0 Rc3 cpe:2.3:o:linux:linux_kernel:5.9.0:rc3
OR  
  Running on/with
  Linux Kernel 5.9.0 Rc4 cpe:2.3:o:linux:linux_kernel:5.9.0:rc4
OR  
  Running on/with
  Linux Kernel 5.9.0 Rc5 cpe:2.3:o:linux:linux_kernel:5.9.0:rc5
OR  
  Running on/with
  Linux Kernel 5.9.0 Rc6 cpe:2.3:o:linux:linux_kernel:5.9.0:rc6

Configuration #2

AND
    CPE23 From Up To
OR  
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0
OR  
  Running on/with
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

AND
    CPE23 From Up To
OR  
  Netapp Solidfire & Hci Management Node cpe:2.3:a:netapp:solidfire_\%26_hci_management_node:-
OR  
  Running on/with
  Netapp Solidfire & Hci Storage Node cpe:2.3:a:netapp:solidfire_\%26_hci_storage_node:-

Configuration #4

AND
    CPE23 From Up To
OR  
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1
OR  
  Running on/with
  Opensuse Leap 15.2 cpe:2.3:o:opensuse:leap:15.2

Configuration #5

AND
    CPE23 From Up To
OR  
  Netapp Hci Compute Node Bios cpe:2.3:o:netapp:hci_compute_node_bios:-
OR  
  Running on/with
  Netapp Hci Compute Node cpe:2.3:h:netapp:hci_compute_node:-

Configuration #6

AND
    CPE23 From Up To
OR  
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm
OR  
  Running on/with
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
OR  
  Running on/with
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
OR  
  Running on/with
  Canonical Ubuntu Linux 20.04 cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts