← Back

CVE-2020-25645

nvd nist
Published: Oct 13, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.

Affected (19)

Show all products
Linux: Linux Kernel · Debian: Debian Linux · Netapp: Solidfire & Hci Management Node, Solidfire & Hci Storage Node, Hci Compute Node Bios · Opensuse: Leap · Canonical: Ubuntu Linux
Linux
1 product
Linux Kernel
Debian
1 product
Debian Linux
Netapp
3 products
Solidfire & Hci Management Node
Solidfire & Hci Storage Node
Hci Compute Node Bios
Opensuse
1 product
Leap
Canonical
1 product
Ubuntu Linux
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Before 5.9.0
Linux Kernel
Version 5.9.0
Linux Kernel
Version 5.9.0 rc1
Linux Kernel
Version 5.9.0 rc2
Linux Kernel
Version 5.9.0 rc3
Linux Kernel
Version 5.9.0 rc4
Linux Kernel
Version 5.9.0 rc5
Linux Kernel
Version 5.9.0 rc6
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 9.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Solidfire & Hci Management Node
All versions
Solidfire & Hci Storage Node
All versions
Configuration D
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Leap
Version 15.1
Leap
Version 15.2
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hci Compute Node Bios
All versions
Running on/withPlatform Versions
Netapp
Hci Compute Node
All versions
Configuration F
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 16.04
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 20.04

Related CWEs

CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (16)

Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
ExploitIssue TrackingPatchVendor Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.