CVE-2020-10769 -- linux-imageID: oval:org.secpod.oval:def:2004127 | Date: (C)2020-10-08 (M)2024-05-22 |
Class: VULNERABILITY | Family: unix |
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm"s module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
Platform: |
Debian 10.x |
Debian 9.x |
Product: |
linux-image-4.9 |
linux-image-4.19 |