CVE-2020-10751
First published: Mon Apr 27 2020(Updated: )
A flaw was found in the Linux kernel SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing. At this time, there is no known ability for an attacker to use this to abuse this flaw as capabilities are required to process any 'modify' operation.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.rt56.1131.el7 | 0:3.10.0-1160.rt56.1131.el7 |
| redhat/kernel | <0:3.10.0-1160.el7 | 0:3.10.0-1160.el7 |
| redhat/kernel-rt | <0:4.18.0-240.rt7.54.el8 | 0:4.18.0-240.rt7.54.el8 |
| redhat/kernel | <0:4.18.0-240.el8 | 0:4.18.0-240.el8 |
| kernel SELinux | <5.7 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =8.0 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 | |
| Android |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2020-10751 https://nvd.nist.gov/vuln/detail/CVE-2020-10751 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6 https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/ https://www.openwall.com/lists/oss-security/2020/04/30/5
- https://bugzilla.redhat.com/show_bug.cgi?id=1839634
- https://access.redhat.com/errata/RHSA-2020:4062
- https://access.redhat.com/errata/RHSA-2020:4060
- https://access.redhat.com/errata/RHSA-2020:4609
- https://access.redhat.com/errata/RHSA-2020:4431
- https://access.redhat.com/security/cve/cve-2020-10751
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
- http://www.openwall.com/lists/oss-security/2020/05/27/3
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6
- https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
- https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg%40mail.gmail.com/
- https://usn.ubuntu.com/4389-1/
- https://usn.ubuntu.com/4390-1/
- https://usn.ubuntu.com/4391-1/
- https://usn.ubuntu.com/4412-1/
- https://usn.ubuntu.com/4413-1/
- https://www.debian.org/security/2020/dsa-4698
- https://www.debian.org/security/2020/dsa-4699
- https://www.openwall.com/lists/oss-security/2020/04/30/5
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://launchpad.net/bugs/cve/CVE-2020-10751
- https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1844353
- http://android.googlesource.com/kernel/common/+/fb73974172ff
- https://source.android.com/docs/security/bulletin/2020-08-01 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10751
- https://nvd.nist.gov/vuln/detail/CVE-2020-10751
- https://security-tracker.debian.org/tracker/CVE-2020-10751
- https://ubuntu.com/security/CVE-2020-10751
- https://git.kernel.org/linus/fb73974172ffaaf57a7c42f35424d9aece1a5af6
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2020-10751?
CVE-2020-10751 has a medium severity rating due to its impact on the Linux kernel's SELinux implementation.
How do I fix CVE-2020-10751?
To remediate CVE-2020-10751, upgrade to kernel versions 5.7 or later, or apply the relevant patches for affected distributions like Red Hat and Debian.
Which systems are affected by CVE-2020-10751?
CVE-2020-10751 affects various versions of the Linux kernel, specifically those prior to 5.7, as well as multiple Red Hat Enterprise Linux and Debian kernels.
What types of attacks can exploit CVE-2020-10751?
An attacker could exploit CVE-2020-10751 to bypass SELinux protections, potentially allowing unauthorized access or privilege escalation.
Is CVE-2020-10751 related to a specific Linux distribution?
Yes, CVE-2020-10751 specifically affects Red Hat Enterprise Linux and Debian systems with vulnerable versions of the kernel.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-10751
- agent/weakness
- agent/severity
- agent/remedy
- agent/references
- agent/last-modified-date
- agent/trending
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/source
- agent/tags
- agent/author
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/event
- agent/softwarecombine
- collector/android-source
- source/Android
- package-manager/redhat
- vendor/kernel
- canonical/kernel selinux
- vendor/redhat
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/8.0
- package-manager/debian
- vendor/google
- canonical/android