CVE-2020-10751
First published: Mon Apr 27 2020(Updated: )
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.rt56.1131.el7 | 0:3.10.0-1160.rt56.1131.el7 |
| redhat/kernel | <0:3.10.0-1160.el7 | 0:3.10.0-1160.el7 |
| redhat/kernel-rt | <0:4.18.0-240.rt7.54.el8 | 0:4.18.0-240.rt7.54.el8 |
| redhat/kernel | <0:4.18.0-240.el8 | 0:4.18.0-240.el8 |
| kernel SELinux | <5.7 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server | =8.0 | |
| Google Android | ||
| ubuntu/linux | <4.15.0-106.107 | 4.15.0-106.107 |
| ubuntu/linux | <5.3.0-62.56 | 5.3.0-62.56 |
| ubuntu/linux | <5.4.0-37.41 | 5.4.0-37.41 |
| ubuntu/linux | <5.7~ | 5.7~ |
| ubuntu/linux | <4.4.0-184.214 | 4.4.0-184.214 |
| ubuntu/linux-aws | <4.15.0-1073.77 | 4.15.0-1073.77 |
| ubuntu/linux-aws | <5.3.0-1030.32 | 5.3.0-1030.32 |
| ubuntu/linux-aws | <5.4.0-1015.15 | 5.4.0-1015.15 |
| ubuntu/linux-aws | <4.4.0-1073.77 | 4.4.0-1073.77 |
| ubuntu/linux-aws | <5.7~ | 5.7~ |
| ubuntu/linux-aws | <4.4.0-1109.120 | 4.4.0-1109.120 |
| ubuntu/linux-aws-5.0 | <5.7~ | 5.7~ |
| ubuntu/linux-aws-5.3 | <5.3.0-1030.32~18.04.1 | 5.3.0-1030.32~18.04.1 |
| ubuntu/linux-aws-5.3 | <5.7~ | 5.7~ |
| ubuntu/linux-aws-5.4 | <5.7~ | 5.7~ |
| ubuntu/linux-aws-hwe | <5.7~ | 5.7~ |
| ubuntu/linux-aws-hwe | <4.15.0-1073.77~16.04.1 | 4.15.0-1073.77~16.04.1 |
| ubuntu/linux-azure | <5.3.0-1032.33 | 5.3.0-1032.33 |
| ubuntu/linux-azure | <5.4.0-1016.16 | 5.4.0-1016.16 |
| ubuntu/linux-azure | <4.15.0-1089.99~14.04.1 | 4.15.0-1089.99~14.04.1 |
| ubuntu/linux-azure | <5.7~ | 5.7~ |
| ubuntu/linux-azure | <4.15.0-1089.99~16.04.1 | 4.15.0-1089.99~16.04.1 |
| ubuntu/linux-azure-4.15 | <4.15.0-1089.99 | 4.15.0-1089.99 |
| ubuntu/linux-azure-4.15 | <5.7~ | 5.7~ |
| ubuntu/linux-azure-5.3 | <5.3.0-1032.33~18.04.1 | 5.3.0-1032.33~18.04.1 |
| ubuntu/linux-azure-5.3 | <5.7~ | 5.7~ |
| ubuntu/linux-azure-5.4 | <5.7~ | 5.7~ |
| ubuntu/linux-azure-edge | <5.7~ | 5.7~ |
| ubuntu/linux-gcp | <5.3.0-1030.32 | 5.3.0-1030.32 |
| ubuntu/linux-gcp | <5.4.0-1015.15 | 5.4.0-1015.15 |
| ubuntu/linux-gcp | <5.7~ | 5.7~ |
| ubuntu/linux-gcp | <4.15.0-1077.87~16.04.1 | 4.15.0-1077.87~16.04.1 |
| ubuntu/linux-gcp-4.15 | <4.15.0-1077.87 | 4.15.0-1077.87 |
| ubuntu/linux-gcp-4.15 | <5.7~ | 5.7~ |
| ubuntu/linux-gcp-5.3 | <5.3.0-1030.32~18.04.1 | 5.3.0-1030.32~18.04.1 |
| ubuntu/linux-gcp-5.3 | <5.7~ | 5.7~ |
| ubuntu/linux-gcp-edge | <5.7~ | 5.7~ |
| ubuntu/linux-gke-4.15 | <4.15.0-1063.66 | 4.15.0-1063.66 |
| ubuntu/linux-gke-4.15 | <5.7~ | 5.7~ |
| ubuntu/linux-gke-5.0 | <5.0.0-1043.44 | 5.0.0-1043.44 |
| ubuntu/linux-gke-5.0 | <5.7~ | 5.7~ |
| ubuntu/linux-gke-5.3 | <5.3.0-1030.32~18.04.1 | 5.3.0-1030.32~18.04.1 |
| ubuntu/linux-gke-5.3 | <5.7~ | 5.7~ |
| ubuntu/linux-hwe | <5.3.0-62.56~18.04.1 | 5.3.0-62.56~18.04.1 |
| ubuntu/linux-hwe | <5.7~ | 5.7~ |
| ubuntu/linux-hwe | <4.15.0-106.107~16.04.1 | 4.15.0-106.107~16.04.1 |
| ubuntu/linux-hwe-5.4 | <5.7~ | 5.7~ |
| ubuntu/linux-hwe-edge | <5.7~ | 5.7~ |
| ubuntu/linux-kvm | <4.15.0-1067.68 | 4.15.0-1067.68 |
| ubuntu/linux-kvm | <5.3.0-1024.26 | 5.3.0-1024.26 |
| ubuntu/linux-kvm | <5.4.0-1015.15 | 5.4.0-1015.15 |
| ubuntu/linux-kvm | <5.7~ | 5.7~ |
| ubuntu/linux-kvm | <4.4.0-1075.82 | 4.4.0-1075.82 |
| ubuntu/linux-lts-trusty | <5.7~ | 5.7~ |
| ubuntu/linux-lts-xenial | <4.4.0-184.214~14.04.1 | 4.4.0-184.214~14.04.1 |
| ubuntu/linux-lts-xenial | <5.7~ | 5.7~ |
| ubuntu/linux-oem | <4.15.0-1087.97 | 4.15.0-1087.97 |
| ubuntu/linux-oem | <5.7~ | 5.7~ |
| ubuntu/linux-oem-5.6 | <5.6.0-1011.11 | 5.6.0-1011.11 |
| ubuntu/linux-oem-5.6 | <5.7~ | 5.7~ |
| ubuntu/linux-oem-osp1 | <5.0.0-1063.68 | 5.0.0-1063.68 |
| ubuntu/linux-oem-osp1 | <5.7~ | 5.7~ |
| ubuntu/linux-oracle | <4.15.0-1045.49 | 4.15.0-1045.49 |
| ubuntu/linux-oracle | <5.3.0-1028.30 | 5.3.0-1028.30 |
| ubuntu/linux-oracle | <5.4.0-1015.15 | 5.4.0-1015.15 |
| ubuntu/linux-oracle | <5.7~ | 5.7~ |
| ubuntu/linux-oracle | <4.15.0-1045.49~16.04.1 | 4.15.0-1045.49~16.04.1 |
| ubuntu/linux-oracle-5.0 | <5.7~ | 5.7~ |
| ubuntu/linux-oracle-5.3 | <5.3.0-1028.30~18.04.1 | 5.3.0-1028.30~18.04.1 |
| ubuntu/linux-oracle-5.3 | <5.7~ | 5.7~ |
| ubuntu/linux-raspi | <5.4.0-1012.12 | 5.4.0-1012.12 |
| ubuntu/linux-raspi | <5.7~ | 5.7~ |
| ubuntu/linux-raspi-5.4 | <5.7~ | 5.7~ |
| ubuntu/linux-raspi2 | <4.15.0-1063.67 | 4.15.0-1063.67 |
| ubuntu/linux-raspi2 | <5.3.0-1028.30 | 5.3.0-1028.30 |
| ubuntu/linux-raspi2 | <5.7~ | 5.7~ |
| ubuntu/linux-raspi2 | <4.4.0-1134.143 | 4.4.0-1134.143 |
| ubuntu/linux-raspi2-5.3 | <5.3.0-1028.30~18.04.2 | 5.3.0-1028.30~18.04.2 |
| ubuntu/linux-raspi2-5.3 | <5.7~ | 5.7~ |
| ubuntu/linux-riscv | <5.4.0-27.31 | 5.4.0-27.31 |
| ubuntu/linux-riscv | <5.7~ | 5.7~ |
| ubuntu/linux-snapdragon | <4.15.0-1080.87 | 4.15.0-1080.87 |
| ubuntu/linux-snapdragon | <5.7~ | 5.7~ |
| ubuntu/linux-snapdragon | <4.4.0-1138.146 | 4.4.0-1138.146 |
| debian/linux | 4.19.249-2 4.19.304-1 5.10.209-2 5.10.205-2 6.1.76-1 6.1.85-1 6.6.15-2 6.7.12-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-10751 https://nvd.nist.gov/vuln/detail/CVE-2020-10751 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6 https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/ https://www.openwall.com/lists/oss-security/2020/04/30/5
- https://bugzilla.redhat.com/show_bug.cgi?id=1839634
- https://access.redhat.com/errata/RHSA-2020:4062
- https://access.redhat.com/errata/RHSA-2020:4060
- https://access.redhat.com/errata/RHSA-2020:4609
- https://access.redhat.com/errata/RHSA-2020:4431
- https://access.redhat.com/security/cve/cve-2020-10751
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
- http://www.openwall.com/lists/oss-security/2020/05/27/3
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6
- https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
- https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg%40mail.gmail.com/
- https://usn.ubuntu.com/4389-1/
- https://usn.ubuntu.com/4390-1/
- https://usn.ubuntu.com/4391-1/
- https://usn.ubuntu.com/4412-1/
- https://usn.ubuntu.com/4413-1/
- https://www.debian.org/security/2020/dsa-4698
- https://www.debian.org/security/2020/dsa-4699
- https://www.openwall.com/lists/oss-security/2020/04/30/5
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://launchpad.net/bugs/cve/CVE-2020-10751
- https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1844353
- http://android.googlesource.com/kernel/common/+/fb73974172ff
- https://source.android.com/docs/security/bulletin/2020-08-01 (Advisory)
- https://git.kernel.org/linus/fb73974172ffaaf57a7c42f35424d9aece1a5af6
- https://security-tracker.debian.org/tracker/CVE-2020-10751
- https://ubuntu.com/security/notices/USN-4391-1
- https://ubuntu.com/security/notices/USN-4389-1
- https://ubuntu.com/security/notices/USN-4390-1
- https://ubuntu.com/security/notices/USN-4412-1
- https://ubuntu.com/security/notices/USN-4413-1
- https://www.cve.org/CVERecord?id=CVE-2020-10751
- https://nvd.nist.gov/vuln/detail/CVE-2020-10751
- https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
- https://ubuntu.com/security/CVE-2020-10751
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-10751
- collector/android-source
- agent/software-canonical-lookup-request
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/remedy
- agent/severity
- agent/description
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/event
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/kernel
- canonical/kernel selinux
- vendor/redhat
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- version/redhat enterprise linux server/8.0
- vendor/google
- canonical/google android
- package-manager/ubuntu
- package-manager/debian