medium
5.9
CWE
327 290
Advisory Published
Updated

CVE-2020-36516

First published: Sat Feb 26 2022(Updated: )

A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session.

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
redhat/kernel-rt<0:4.18.0-425.3.1.rt7.213.el8
0:4.18.0-425.3.1.rt7.213.el8
redhat/kernel<0:4.18.0-425.3.1.el8
0:4.18.0-425.3.1.el8
redhat/kernel<0:5.14.0-162.6.1.el9_1
0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
0:5.14.0-162.6.1.rt21.168.el9_1
redhat/Linux kernel<5.17
5.17
ubuntu/linux<4.15.0-176.185
4.15.0-176.185
ubuntu/linux<5.4.0-109.123
5.4.0-109.123
ubuntu/linux<5.17~
5.17~
ubuntu/linux<4.4.0-239.273
4.4.0-239.273
ubuntu/linux-allwinner<5.17~
5.17~
ubuntu/linux-allwinner-5.19<5.17~
5.17~
ubuntu/linux-aws<4.15.0-1127.136
4.15.0-1127.136
ubuntu/linux-aws<5.4.0-1072.77
5.4.0-1072.77
ubuntu/linux-aws<4.4.0-1117.123
4.4.0-1117.123
ubuntu/linux-aws<5.17~
5.17~
ubuntu/linux-aws<4.4.0-1155.170
4.4.0-1155.170
ubuntu/linux-aws-5.0<5.17~
5.17~
ubuntu/linux-aws-5.11<5.17~
5.17~
ubuntu/linux-aws-5.13<5.17~
5.17~
ubuntu/linux-aws-5.15<5.17~
5.17~
ubuntu/linux-aws-5.19<5.17~
5.17~
ubuntu/linux-aws-5.3<5.17~
5.17~
ubuntu/linux-aws-5.4<5.4.0-1072.77~18.04.1
5.4.0-1072.77~18.04.1
ubuntu/linux-aws-5.4<5.17~
5.17~
ubuntu/linux-aws-5.8<5.17~
5.17~
ubuntu/linux-aws-hwe<5.17~
5.17~
ubuntu/linux-aws-hwe<4.15.0-1127.136~16.04.1
4.15.0-1127.136~16.04.1
ubuntu/linux-azure<5.4.0-1077.80
5.4.0-1077.80
ubuntu/linux-azure<4.15.0-1137.150~14.04.1
4.15.0-1137.150~14.04.1
ubuntu/linux-azure<5.17~
5.17~
ubuntu/linux-azure<4.15.0-1137.150~16.04.1
4.15.0-1137.150~16.04.1
ubuntu/linux-azure-4.15<4.15.0-1137.150
4.15.0-1137.150
ubuntu/linux-azure-4.15<5.17~
5.17~
ubuntu/linux-azure-5.11<5.17~
5.17~
ubuntu/linux-azure-5.13<5.17~
5.17~
ubuntu/linux-azure-5.15<5.17~
5.17~
ubuntu/linux-azure-5.3<5.17~
5.17~
ubuntu/linux-azure-5.4<5.4.0-1077.80~18.04.1
5.4.0-1077.80~18.04.1
ubuntu/linux-azure-5.4<5.17~
5.17~
ubuntu/linux-azure-edge<5.17~
5.17~
ubuntu/linux-azure-fde<5.4.0-1077.80
5.4.0-1077.80
ubuntu/linux-azure-fde<5.17~
5.17~
ubuntu/linux-azure-fde-5.15<5.17~
5.17~
ubuntu/linux-azure-fde-5.19<5.17~
5.17~
ubuntu/linux-bluefield<5.4.0-1035.38
5.4.0-1035.38
ubuntu/linux-bluefield<5.17~
5.17~
ubuntu/linux-dell300x<4.15.0-1041.46
4.15.0-1041.46
ubuntu/linux-dell300x<5.17~
5.17~
ubuntu/linux-fips<5.17~
5.17~
ubuntu/linux-gcp<5.4.0-1072.77
5.4.0-1072.77
ubuntu/linux-gcp<5.17~
5.17~
ubuntu/linux-gcp<4.15.0-1121.135~16.04.1
4.15.0-1121.135~16.04.1
ubuntu/linux-gcp-4.15<4.15.0-1121.135
4.15.0-1121.135
ubuntu/linux-gcp-4.15<5.17~
5.17~
ubuntu/linux-gcp-5.11<5.17~
5.17~
ubuntu/linux-gcp-5.13<5.17~
5.17~
ubuntu/linux-gcp-5.15<5.17~
5.17~
ubuntu/linux-gcp-5.3<5.17~
5.17~
ubuntu/linux-gcp-5.4<5.4.0-1072.77~18.04.1
5.4.0-1072.77~18.04.1
ubuntu/linux-gcp-5.8<5.17~
5.17~
ubuntu/linux-gke<5.4.0-1068.71
5.4.0-1068.71
ubuntu/linux-gke<5.17~
5.17~
ubuntu/linux-gke-4.15<5.17~
5.17~
ubuntu/linux-gke-5.0<5.17~
5.17~
ubuntu/linux-gke-5.15<5.17~
5.17~
ubuntu/linux-gke-5.3<5.17~
5.17~
ubuntu/linux-gke-5.4<5.17~
5.17~
ubuntu/linux-gkeop<5.4.0-1039.40
5.4.0-1039.40
ubuntu/linux-gkeop<5.17~
5.17~
ubuntu/linux-gkeop-5.15<5.17~
5.17~
ubuntu/linux-gkeop-5.4<5.17~
5.17~
ubuntu/linux-hwe<5.17~
5.17~
ubuntu/linux-hwe<4.15.0-176.185~16.04.1
4.15.0-176.185~16.04.1
ubuntu/linux-hwe-5.11<5.17~
5.17~
ubuntu/linux-hwe-5.13<5.17~
5.17~
ubuntu/linux-hwe-5.15<5.17~
5.17~
ubuntu/linux-hwe-5.4<5.4.0-109.123~18.04.1
5.4.0-109.123~18.04.1
ubuntu/linux-hwe-5.4<5.17~
5.17~
ubuntu/linux-hwe-5.8<5.17~
5.17~
ubuntu/linux-hwe-edge<5.17~
5.17~
ubuntu/linux-ibm<5.4.0-1020.22
5.4.0-1020.22
ubuntu/linux-ibm<5.17~
5.17~
ubuntu/linux-ibm-5.4<5.4.0-1020.22~18.04.1
5.4.0-1020.22~18.04.1
ubuntu/linux-ibm-5.4<5.17~
5.17~
ubuntu/linux-intel-5.13<5.17~
5.17~
ubuntu/linux-intel-iotg<5.17~
5.17~
ubuntu/linux-intel-iotg-5.15<5.17~
5.17~
ubuntu/linux-iot<5.4.0-1004.6
5.4.0-1004.6
ubuntu/linux-iot<5.17~
5.17~
ubuntu/linux-kvm<4.15.0-1113.116
4.15.0-1113.116
ubuntu/linux-kvm<5.4.0-1062.65
5.4.0-1062.65
ubuntu/linux-kvm<5.17~
5.17~
ubuntu/linux-kvm<4.4.0-1118.128
4.4.0-1118.128
ubuntu/linux-lowlatency<5.17~
5.17~
ubuntu/linux-lowlatency-hwe-5.15<5.17~
5.17~
ubuntu/linux-lowlatency-hwe-5.19<5.17~
5.17~
ubuntu/linux-lts-xenial<4.4.0-239.273~14.04.1
4.4.0-239.273~14.04.1
ubuntu/linux-lts-xenial<5.17~
5.17~
ubuntu/linux-nvidia<5.17~
5.17~
ubuntu/linux-oem<5.17~
5.17~
ubuntu/linux-oem-5.10<5.17~
5.17~
ubuntu/linux-oem-5.13<5.17~
5.17~
ubuntu/linux-oem-5.14<5.14.0-1024.26
5.14.0-1024.26
ubuntu/linux-oem-5.17<5.17~
5.17~
ubuntu/linux-oem-5.6<5.17~
5.17~
ubuntu/linux-oem-6.0<5.17~
5.17~
ubuntu/linux-oem-6.1<5.17~
5.17~
ubuntu/linux-oem-osp1<5.17~
5.17~
ubuntu/linux-oracle<4.15.0-1092.101
4.15.0-1092.101
ubuntu/linux-oracle<5.4.0-1070.76
5.4.0-1070.76
ubuntu/linux-oracle<5.17~
5.17~
ubuntu/linux-oracle<4.15.0-1092.101~16.04.1
4.15.0-1092.101~16.04.1
ubuntu/linux-oracle-5.0<5.17~
5.17~
ubuntu/linux-oracle-5.11<5.17~
5.17~
ubuntu/linux-oracle-5.13<5.17~
5.17~
ubuntu/linux-oracle-5.15<5.17~
5.17~
ubuntu/linux-oracle-5.3<5.17~
5.17~
ubuntu/linux-oracle-5.4<5.4.0-1070.76~18.04.1
5.4.0-1070.76~18.04.1
ubuntu/linux-raspi<5.4.0-1059.67
5.4.0-1059.67
ubuntu/linux-raspi<5.17~
5.17~
ubuntu/linux-raspi-5.4<5.4.0-1059.66~18.04.1
5.4.0-1059.66~18.04.1
ubuntu/linux-raspi-5.4<5.17~
5.17~
ubuntu/linux-raspi2<4.15.0-1108.115
4.15.0-1108.115
ubuntu/linux-raspi2<5.17~
5.17~
ubuntu/linux-raspi2-5.3<5.17~
5.17~
ubuntu/linux-riscv<5.17~
5.17~
ubuntu/linux-riscv-5.11<5.17~
5.17~
ubuntu/linux-riscv-5.15<5.17~
5.17~
ubuntu/linux-riscv-5.8<5.17~
5.17~
ubuntu/linux-snapdragon<4.15.0-1126.135
4.15.0-1126.135
ubuntu/linux-snapdragon<5.17~
5.17~
ubuntu/linux-starfive<5.17~
5.17~
ubuntu/linux-starfive-5.19<5.17~
5.17~
ubuntu/linux-xilinx-zynqmp<5.17~
5.17~
debian/linux
4.19.249-2
4.19.304-1
5.10.209-2
5.10.205-2
6.1.76-1
6.1.85-1
6.6.15-2
6.7.12-1
Linux Linux kernel<=5.6.11
Netapp Cloud Volumes Ontap Mediator
NetApp E-Series SANtricity OS Controller>=11.0
Netapp Solidfire\, Enterprise Sds \& Hci Storage Node
Netapp Solidfire \& Hci Management Node
All of
Netapp H300s Firmware
Netapp H300s
All of
Netapp H500s Firmware
Netapp H500s
All of
Netapp H700s Firmware
Netapp H700s
All of
Netapp H300e Firmware
Netapp H300e
All of
Netapp H500e Firmware
Netapp H500e
All of
Netapp H700e Firmware
Netapp H700e
All of
Netapp H410s Firmware
Netapp H410s
All of
Netapp H410c Firmware
Netapp H410c
All of
Netapp H610c Firmware
Netapp H610c
All of
Netapp H615c Firmware
Netapp H615c
All of
Netapp H610s Firmware
Netapp H610s
All of
Netapp Bootstrap Os
Netapp Hci Compute Node
Netapp Baseboard Management Controller H300s Firmware
Netapp Baseboard Management Controller H300s
Netapp Baseboard Management Controller H500s Firmware
Netapp Baseboard Management Controller H500s
Netapp Baseboard Management Controller H700s Firmware
Netapp Baseboard Management Controller H700s
Netapp Baseboard Management Controller H300e Firmware
Netapp Baseboard Management Controller H300e
Netapp Baseboard Management Controller H500e Firmware
Netapp Baseboard Management Controller H500e
Netapp Baseboard Management Controller H700e Firmware
Netapp Baseboard Management Controller H700e
Netapp Baseboard Management Controller H410s Firmware
Netapp Baseboard Management Controller H410s
Netapp Baseboard Management Controller H410c Firmware
Netapp Baseboard Management Controller H410c
Netapp Baseboard Management Controller H610c Firmware
Netapp Baseboard Management Controller H610c
Netapp Baseboard Management Controller H615c Firmware
Netapp Baseboard Management Controller H615c
Netapp Baseboard Management Controller H610s Firmware
Netapp Baseboard Management Controller H610s
Netapp Bootstrap Os
Netapp Hci Compute Node
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
Netapp H500s
Netapp H700s Firmware
Netapp H700s
Netapp H300e Firmware
Netapp H300e
Netapp H500e Firmware
Netapp H500e
Netapp H700e Firmware
Netapp H700e
Netapp H410s Firmware
Netapp H410s
Netapp H410c Firmware
Netapp H410c
Netapp H610c Firmware
Netapp H610c
Netapp H615c Firmware
Netapp H615c
Netapp H610s Firmware
Netapp H610s

Remedy

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Remedy

https://git.kernel.org/linus/73f156a6e8c1074ac6327e0abd1169e95eb66463

Remedy

https://git.kernel.org/linus/23f57406b82de51809d5812afd96f210f8b627f3

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203