Linux kernel 安全特征问题漏洞

admin
admin
admin
0
文章
0
评论
2022-07-13 08:46:18 CNNVD漏洞 来源:ZONE.CI 全球网 0 阅读模式

漏洞信息详情

Linux kernel 安全特征问题漏洞

  • CNNVD编号:CNNVD-202011-1399
  • 危害等级: 高危
  • CVE编号: CVE-2020-25705
  • 漏洞类型: 安全特征问题
  • 发布时间: 2020-11-13
  • 威胁类型: 远程
  • 更新时间: 2021-12-13
  • 厂        商:
  • 漏洞来源: Red Hat

漏洞简介

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。

Linux kernel 存在安全特征问题漏洞,该漏洞源于允许快速扫描打开的UDP端口。这个缺陷允许一个偏离路径的远程用户有效地绕过源端口UDP随机化。此漏洞的最大威胁是机密性和可能的完整性,因为依赖于UDP源端口随机化的软件也会间接受到影响。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38e7819cae946e2edf869e604af1e65a5d241c5

参考网址

来源:MISC

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1894579

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2020/12/msg00015.HTML

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2020/12/msg00027.HTML

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20201210-0002/

来源:MISC

链接:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03

来源:CONFIRM

链接:https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0839

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-there-are-multiple-vulnerabilities-in-the-linux-kernel-used-in-ibm-elastic-storage-system-3/

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-25705

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161430/Red-Hat-Security-Advisory-2021-0537-01.HTML

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/DNS-Man-in-the-Middle-via-SAD-DNS-ICMP-Rate-33901

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4547/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161656/Red-Hat-Security-Advisory-2021-0719-01.HTML

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021051317

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/162878/Red-Hat-Security-Advisory-2021-2164-01.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0070/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4059/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163050/Red-Hat-Security-Advisory-2021-2355-01.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0565

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4168/

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021110516

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6523064

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0924

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0768

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-cve-2020-25705-cve-2020-28374-2/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161826/Red-Hat-Security-Advisory-2021-0856-01.HTML

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2020-25705

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2073

来源:source.CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android.com

链接:https://source.CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android.com/security/bulletin/2021-04-01

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4391/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4181/

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6459941

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1148

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1589

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4375/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160305/Ubuntu-Security-Notice-USN-4657-1.HTML

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-cve-2020-25705-cve-2020-28374/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4505/

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021062129

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1193

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160818/Ubuntu-Security-Notice-USN-4680-1.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0864

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4336/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4547.3

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4211/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4275/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161712/Red-Hat-Security-Advisory-2021-0774-01.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2604

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160472/Ubuntu-Security-Notice-USN-4659-2.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0791

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4219/

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6525030

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/162528/Red-Hat-Security-Advisory-2021-1531-01.HTML

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161609/Red-Hat-Security-Advisory-2021-0686-01.HTML

来源:us-cert.cisa.gov

链接:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03

受影响实体

    暂无


补丁

  • Linux kernel 安全特征问题漏洞的修复措施

weinxin
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
咨询加Q:999999999
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 安全领域涉猎者-乌云独行地带
获取本源码
售前咨询加Q:120433200
站媒体网仿《知更鸟》模板
获取本源码 zmt6.com
评论:0   参与:  0