DEBIAN-CVE-2020-10711

Advisory lineage Upstream: 1 Downstream: 3

Upstream

CVE-2020-10711

Downstream

DLA-2242-1 DSA-4698-1 DSA-4699-1

Published: 22 May 2020, 15:15

Last modified:28 Apr 2026, 20:21

Vulnerability Summary

Overall Risk (default)

low

24/100

CVSS Score

5.9 MEDIUM

3.1 (osv_debian)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

22 May 2020, 15:15

Published

Vulnerability first disclosed

28 Apr 2026, 20:21

Last Modified

Vulnerability information updated

Description

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

CVSS Metrics

v3.1•MEDIUM•Score: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

debian•linux
< 5.6.14-1 | < 5.6.14-1 | < 5.6.14-1 | < 5.6.14-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2020-10711