漏洞信息详情
Linux kernel 安全特征问题漏洞
- CNNVD编号:CNNVD-202011-1399 <!--
- 危害等级: 高危-->
- 危害等级: 高危
- CVE编号: CVE-2020-25705
- 漏洞类型: 安全特征问题
- 发布时间: 2020-11-13
- 威胁类型: 远程
- 更新时间: 2021-11-08
- 厂 商:
- 漏洞来源: Red Hat
-
漏洞简介
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux kernel 存在安全特征问题漏洞,该漏洞源于允许快速扫描打开的UDP端口。这个缺陷允许一个偏离路径的远程用户有效地绕过源端口UDP随机化。此漏洞的最大威胁是机密性和可能的完整性,因为依赖于UDP源端口随机化的软件也会间接受到影响。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38e7819cae946e2edf869e604af1e65a5d241c5
参考网址
来源:MISC
链接:https://bugzilla.redhat.com/show_bug.cgi?id=1894579
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
来源:CONFIRM
链接:https://security.netapp.com/advisory/ntap-20201210-0002/
来源:MISC
链接:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03
来源:CONFIRM
链接:https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0839
来源:source.android.com
链接:https://source.android.com/security/bulletin/2021-04-01
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4391/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4181/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-there-are-multiple-vulnerabilities-in-the-linux-kernel-used-in-ibm-elastic-storage-system-3/
来源:www.ibm.com
链接:https://www.ibm.com/support/pages/node/6459941
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2020-25705
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1148
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1589
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4375/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160305/Ubuntu-Security-Notice-USN-4657-1.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161430/Red-Hat-Security-Advisory-2021-0537-01.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-cve-2020-25705-cve-2020-28374/
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/DNS-Man-in-the-Middle-via-SAD-DNS-ICMP-Rate-33901
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4547/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4505/
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021062129
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161656/Red-Hat-Security-Advisory-2021-0719-01.html
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021051317
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162878/Red-Hat-Security-Advisory-2021-2164-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1193
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0070/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4059/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/163050/Red-Hat-Security-Advisory-2021-2355-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160818/Ubuntu-Security-Notice-USN-4680-1.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0864
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4336/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0565
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4168/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4547.3
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021110516
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4211/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0924
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4275/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0768
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161712/Red-Hat-Security-Advisory-2021-0774-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2604
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160472/Ubuntu-Security-Notice-USN-4659-2.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0791
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-cve-2020-25705-cve-2020-28374-2/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4219/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162528/Red-Hat-Security-Advisory-2021-1531-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161609/Red-Hat-Security-Advisory-2021-0686-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161826/Red-Hat-Security-Advisory-2021-0856-01.html
来源:us-cert.cisa.gov
链接:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03
来源:access.redhat.com
链接:https://access.redhat.com/security/cve/cve-2020-25705
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2073
受影响实体
暂无
补丁
- Linux kernel 安全特征问题漏洞的修复措施<!--2020-11-13-->
还没有评论,来说两句吧...