What is CVE-2020-10711?

CVE-2020-10711 is a medium-severity vulnerability in Linux Linux_kernel, classified under NULL Pointer Dereference. CVSS score: 5.9/10. Published 2020-05-22.

How severe is CVE-2020-10711?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Is CVE-2020-10711 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

NULL pointer dereference in Linux Linux_kernel

CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bit…

EPSS: 0.031 (86.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Linux Linux_kernel
Canonical Ubuntu_linux — versions 14.04, 16.04, 18.04
Debian Debian_linux — versions 8.0, 9.0, 10.0
Opensuse Leap — versions 15.1, 15.2
Red Hat Kernel — versions all kernel versions before 5.7
Redhat 3scale — versions 2.0
Redhat Enterprise_linux — versions 6.0, 7.0, 8.0
Redhat Enterprise_linux_aus — versions 7.4
Redhat Enterprise_linux_server_tus — versions 7.4
Redhat Messaging_realtime_grid — versions 2.0

Weakness classification (CWE)

CWE-476 — NULL Pointer Dereference

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

secalert@redhat.com (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Mailing List, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
secalert@redhat.com (mailing-list, x_refsource_MLIST, Third Party Advisory)
secalert@redhat.com (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
secalert@redhat.com (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
secalert@redhat.com (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
secalert@redhat.com (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)

Frequently asked questions

What is CVE-2020-10711?: CVE-2020-10711 is a medium-severity vulnerability in Linux Linux_kernel, classified under NULL Pointer Dereference. CVSS score: 5.9/10. Published 2020-05-22.
How severe is CVE-2020-10711?: Medium severity. CVSS v3 base score is 5.9 out of 10.
Is CVE-2020-10711 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.