Vulnerability Details : CVE-2020-25645
Potential exploit
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel, allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
Products affected by CVE-2020-25645
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.9.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-25645
- EPSS score: 0.72% (probability of exploitation activity in the next 30 days)
- Percentile: ~80% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2020-25645
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2020-25645
- The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
  Assigned by:
  - nvd@nist.gov (Secondary)
  - secalert@redhat.com (Primary)
References for CVE-2020-25645
- https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
  [SECURITY] [DLA 2494-1] linux security update (Mailing List; Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html
  [security-announce] openSUSE-SU-2020:1698-1: important: Security update (Mailing List; Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00035.html
  [security-announce] openSUSE-SU-2020:1682-1: important: Security update (Mailing List; Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html
  [SECURITY] [DLA 2417-1] linux-4.19 security update (Mailing List; Third Party Advisory)
- http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
  Kernel Live Patch Security Notice LSN-0074-1 ≈ Packet Storm (Third Party Advisory; VDB Entry)
- https://www.debian.org/security/2020/dsa-4774
  Debian -- Security Information -- DSA-4774-1 linux (Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20201103-0004/
  CVE-2020-25645 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=1883988
  1883988 – (CVE-2020-25645) CVE-2020-25645 kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (Exploit; Issue Tracking; Patch; Vendor Advisory)