Vulnerability Details : CVE-2020-14305

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Vulnerability category: Memory CorruptionDenial of service

Published 2020-12-02 01:15:12

Updated 2022-10-14 12:11:22

Source Red Hat, Inc.

View at NVD, CVE.org

Threat overview for CVE-2020-14305

Top countries where our scanners detected CVE-2020-14305

Top open port discovered on systems with this issue 49152

IPs affected by CVE-2020-14305 13,769

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2020-14305!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2020-14305

Probability of exploitation activity in the next 30 days: 3.25%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 90 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-14305

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
8.3	HIGH	AV:N/AC:M/Au:N/C:P/I:P/A:C	8.6	8.5	nvd@nist.gov
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Complete
8.1	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	nvd@nist.gov
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-14305

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.
Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)

References for CVE-2020-14305

https://bugzilla.redhat.com/show_bug.cgi?id=1850716

1850716 – (CVE-2020-14305) CVE-2020-14305 kernel: memory corruption in Voice over IP nf_conntrack_h323 module
Issue Tracking;Patch;Third Party Advisory
https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/

[v4.10] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 - Patchwork
Mailing List;Patch;Third Party Advisory
https://bugs.openvz.org/browse/OVZ-7188

[OVZ-7188] Crash kernel 3.10.0-1062.4.2.vz7.116.7 - bugs.openvz.org
Exploit;Third Party Advisory
https://security.netapp.com/advisory/ntap-20201210-0004/

CVE-2020-14305 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory

Products affected by CVE-2020-14305

Linux » Linux Kernel
Versions up to, including, (<=) 4.11.12
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 4.12
cpe:2.3:o:linux:linux_kernel:4.12:-:*:*:*:*:*:*
Matching versions
Netapp » Cloud Backup » Version: N/A
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Matching versions
Netapp » Aff 500f Firmware » Version: N/A
cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Aff 500f » Version: N/A
Netapp » Solidfire Baseboard Management Controller Firmware » Version: N/A
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Solidfire Baseboard Management Controller » Version: N/A
Netapp » Fas 500f Firmware » Version: N/A
cpe:2.3:o:netapp:fas_500f_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Fas 500f » Version: N/A
Netapp » A250 Firmware » Version: N/A
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » A250 » Version: N/A