CVE-2020-36516 : An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assi

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

Published 2022-02-26 04:15:07

Updated 2023-11-09 14:44:34

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2020-36516

Linux » Linux Kernel
Versions up to, including, (<=) 5.6.11
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Netapp » E-series Santricity Os Controller
Versions from including (>=) 11.0
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
Matching versions
Netapp » H610s Firmware » Version: N/A
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H610s » Version: N/A
Netapp » Cloud Volumes Ontap Mediator » Version: N/A
cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*
Matching versions
Netapp » Solidfire & Hci Management Node » Version: N/A
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
Matching versions
Netapp » H410c Firmware » Version: N/A
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H410c » Version: N/A
Netapp » H300s Firmware » Version: N/A
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H300s » Version: N/A
Netapp » H500s Firmware » Version: N/A
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H500s » Version: N/A
Netapp » H700s Firmware » Version: N/A
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H700s » Version: N/A
Netapp » H300e Firmware » Version: N/A
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H300e » Version: N/A
Netapp » H500e Firmware » Version: N/A
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H500e » Version: N/A
Netapp » H700e Firmware » Version: N/A
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H700e » Version: N/A
Netapp » H410s Firmware » Version: N/A
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H410s » Version: N/A
Netapp » H610c Firmware » Version: N/A
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H610c » Version: N/A
Netapp » H615c Firmware » Version: N/A
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H615c » Version: N/A
Netapp » Solidfire, Enterprise Sds & Hci Storage Node » Version: N/A
cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*
Matching versions
Netapp » Bootstrap Os » Version: N/A
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Hci Compute Node » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-36516

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 31 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-36516

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.9	MEDIUM	AV:N/AC:M/Au:S/C:N/I:P/A:P	6.8	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial
5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L	1.6	4.2	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: Low

CWE ids for CVE-2020-36516

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-36516

https://security.netapp.com/advisory/ntap-20220331-0003/

CVE-2020-36516 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory
https://dl.acm.org/doi/10.1145/3372297.3417884

Off-Path TCP Exploits of the Mixed IPID Assignment | Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
Technical Description;Third Party Advisory

Jump to

Vulnerability Details : CVE-2020-36516

Products affected by CVE-2020-36516

Exploit prediction scoring system (EPSS) score for CVE-2020-36516

CVSS scores for CVE-2020-36516

CWE ids for CVE-2020-36516

References for CVE-2020-36516