CVE-2020-10711: Null Pointer Dereference
First published: Fri Apr 17 2020(Updated: )
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <0:2.6.32-754.29.2.el6 | 0:2.6.32-754.29.2.el6 |
| redhat/kernel-rt | <0:3.10.0-1127.8.2.rt56.1103.el7 | 0:3.10.0-1127.8.2.rt56.1103.el7 |
| redhat/kernel | <0:3.10.0-1127.8.2.el7 | 0:3.10.0-1127.8.2.el7 |
| redhat/kernel-alt | <0:4.14.0-115.21.2.el7a | 0:4.14.0-115.21.2.el7a |
| redhat/kernel | <0:3.10.0-327.88.1.el7 | 0:3.10.0-327.88.1.el7 |
| redhat/kernel | <0:3.10.0-514.76.1.el7 | 0:3.10.0-514.76.1.el7 |
| redhat/kernel | <0:3.10.0-693.67.1.el7 | 0:3.10.0-693.67.1.el7 |
| redhat/kernel | <0:3.10.0-957.54.1.el7 | 0:3.10.0-957.54.1.el7 |
| redhat/kernel | <0:3.10.0-1062.26.1.el7 | 0:3.10.0-1062.26.1.el7 |
| redhat/kernel-rt | <0:4.18.0-193.1.2.rt13.53.el8_2 | 0:4.18.0-193.1.2.rt13.53.el8_2 |
| redhat/kernel | <0:4.18.0-193.1.2.el8_2 | 0:4.18.0-193.1.2.el8_2 |
| redhat/kernel | <0:4.18.0-80.23.2.el8_0 | 0:4.18.0-80.23.2.el8_0 |
| redhat/kernel | <0:4.18.0-147.13.2.el8_1 | 0:4.18.0-147.13.2.el8_1 |
| redhat/kernel-rt | <1:3.10.0-693.67.1.rt56.665.el6 | 1:3.10.0-693.67.1.rt56.665.el6 |
| redhat/kernel | <5.7 | 5.7 |
| Linux Kernel | <5.7 | |
| Red Hat 3scale | =2.0 | |
| redhat openstack | =13 | |
| redhat virtualization host | =4.0 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| redhat enterprise linux aus | =7.4 | |
| redhat enterprise Linux server tus | =7.4 | |
| Red Hat Messaging Realtime Grid | =2.0 | |
| Debian GNU/Linux | =8.0 | |
| Debian GNU/Linux | =9.0 | |
| Debian GNU/Linux | =10.0 | |
| openSUSE | =15.1 | |
| openSUSE | =15.2 | |
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =16.04 | |
| Ubuntu Linux | =18.04 | |
| Ubuntu Linux | =19.10 | |
| Ubuntu Linux | =20.04 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 | |
| Debian | =8.0 | |
| Debian | =9.0 | |
| Debian | =10.0 | |
| Ubuntu | =14.04 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =19.10 | |
| Ubuntu | =20.04 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. This issue can only be resolved by applying updates.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-10711 https://nvd.nist.gov/vuln/detail/CVE-2020-10711
- https://bugzilla.redhat.com/show_bug.cgi?id=1825116
- https://access.redhat.com/errata/RHSA-2020:2103
- https://access.redhat.com/errata/RHSA-2020:2085
- https://access.redhat.com/errata/RHSA-2020:2082
- https://access.redhat.com/errata/RHSA-2020:2104
- https://access.redhat.com/errata/RHSA-2020:2285
- https://access.redhat.com/errata/RHSA-2020:2277
- https://access.redhat.com/errata/RHSA-2020:2214
- https://access.redhat.com/errata/RHSA-2020:2289
- https://access.redhat.com/errata/RHSA-2020:2291
- https://access.redhat.com/errata/RHSA-2020:2519
- https://access.redhat.com/errata/RHSA-2020:2522
- https://access.redhat.com/errata/RHSA-2020:2171
- https://access.redhat.com/errata/RHSA-2020:2102
- https://access.redhat.com/errata/RHSA-2020:2125
- https://access.redhat.com/errata/RHSA-2020:2429
- https://access.redhat.com/errata/RHSA-2020:2199
- https://access.redhat.com/errata/RHSA-2020:2203
- https://access.redhat.com/errata/RHSA-2020:2242
- https://access.redhat.com/security/cve/cve-2020-10711
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711
- https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
- https://security.netapp.com/advisory/ntap-20200608-0001/
- https://usn.ubuntu.com/4411-1/
- https://usn.ubuntu.com/4412-1/
- https://usn.ubuntu.com/4413-1/
- https://usn.ubuntu.com/4414-1/
- https://usn.ubuntu.com/4419-1/
- https://www.debian.org/security/2020/dsa-4698
- https://www.debian.org/security/2020/dsa-4699
- https://www.openwall.com/lists/oss-security/2020/05/12/2
- https://launchpad.net/bugs/cve/CVE-2020-10711
- https://git.kernel.org/linus/4b8feff251da3d7058b5779e21b33a85c686b974
- https://lore.kernel.org/netdev/07d99ae197bfdb2964931201db67b6cd0b38db5b.1589276729.git.pabeni@redhat.com/T/#u
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1834778
- https://security-tracker.debian.org/tracker/CVE-2020-10711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10711
- https://nvd.nist.gov/vuln/detail/CVE-2020-10711
- https://ubuntu.com/security/CVE-2020-10711
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2020-10711?
CVE-2020-10711 has been classified as a moderate vulnerability due to the NULL pointer dereference issue in the Linux kernel's SELinux subsystem.
How do I fix CVE-2020-10711?
To fix CVE-2020-10711, upgrade your Linux kernel to version 5.7 or later, or apply the specific patches available for affected versions.
Which Linux kernel versions are affected by CVE-2020-10711?
CVE-2020-10711 affects Linux kernel versions prior to 5.7.
What systems are impacted by CVE-2020-10711?
Systems running affected versions of the Linux kernel, including various distributions like Red Hat and Debian, are impacted by CVE-2020-10711.
Is CVE-2020-10711 a remote code execution vulnerability?
CVE-2020-10711 is not a remote code execution vulnerability; it involves a local NULL pointer dereference which can lead to a denial of service.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-10711
- agent/software-canonical-lookup
- agent/weakness
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/event
- agent/softwarecombine
- collector/nvd-index
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- vendor/redhat
- canonical/red hat 3scale
- version/red hat 3scale/2.0
- canonical/redhat openstack
- version/redhat openstack/13
- canonical/redhat virtualization host
- version/redhat virtualization host/4.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- version/red hat enterprise linux/8.0
- canonical/redhat enterprise linux aus
- version/redhat enterprise linux aus/7.4
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/7.4
- canonical/red hat messaging realtime grid
- version/red hat messaging realtime grid/2.0
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/8.0
- version/debian gnu/linux/9.0
- version/debian gnu/linux/10.0
- vendor/opensuse
- canonical/opensuse
- version/opensuse/15.1
- version/opensuse/15.2
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/14.04
- version/ubuntu linux/16.04
- version/ubuntu linux/18.04
- version/ubuntu linux/19.10
- version/ubuntu linux/20.04
- package-manager/debian
- canonical/debian
- version/debian/8.0
- version/debian/9.0
- version/debian/10.0
- canonical/ubuntu
- version/ubuntu/14.04
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/19.10
- version/ubuntu/20.04