CVE-2020-14305

Sažetak

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=1850716
https://bugs.openvz.org/browse/OVZ-7188
https://security.netapp.com/advisory/ntap-20201210-0004/
https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502%40virtuozzo.com/

CVSS

Base:	8.3
Impact:	8.5
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:C

Zadnje važnije ažuriranje

07-11-2023 - 03:17

Objavljeno

02-12-2020 - 01:15