CVE-2020-25673
Advisory lineage Upstream: 0 Downstream: 32
Modified
Published: 26 May 2021, 10:55
Last modified:04 Aug 2024, 15:40
Vulnerability Summary
Overall Risk (default)
medium
32/100 CVSS Score
5.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.13% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
2 found
Dark Web
Not detected
Timeline
26 May 2021, 10:55
Published
Vulnerability first disclosed
04 Aug 2024, 15:40
Last Modified
Vulnerability information updated
Description
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- v2.0•MEDIUM•Score: 4.9AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.13%• Percentile: 32%
Techniques & Countermeasures
- CWE-400•Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
Affected Systems
- fedoraproject•fedora
32 | 33 | 34
- linux•linux_kernel
< 5.3.18
- netapp•active_iq_unified_manager
na
- netapp•cloud_backup
na
- netapp•h300e
na
- netapp•h300s_firmware
na
- netapp•h410c_firmware
na
- netapp•h410s_firmware
na
- netapp•h500e
na
- netapp•h500s_firmware
na
- netapp•h700e
na
- netapp•h700s_firmware
na
- netapp•solidfire_baseboard_management_controller_firmware
na
References (6)
- http://www.openwall.com/lists/oss-security/2020/11/01/1
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/
- https://www.openwall.com/lists/oss-security/2020/11/01/1
- https://security.netapp.com/advisory/ntap-20210702-0008/