CVE-2020-14305

Published: 12/2/2020 Last updated: 8/4/2024 Reserved: 6/17/2020

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
kernel	n/a	6.0

References (8)

https://bugzilla.redhat.com/show_bug.cgi?id=1850716
https://bugs.openvz.org/browse/OVZ-7188
https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/
https://security.netapp.com/advisory/ntap-20201210-0004/
https://bugzilla.redhat.com/show_bug.cgi?id=1850716
https://bugs.openvz.org/browse/OVZ-7188
https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/
https://security.netapp.com/advisory/ntap-20201210-0004/