CVE-2020-10711

Name: CVE-2020-10711
Creator: NVD / NIST
Published: 2020-05-22T15:15:11.207+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.9/10EPSS 3.10%

Last modified Jun 17, 2026

CVE-2020-10711 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. EPSS estimates a 3.10% chance of exploitation in the next 30 days.

Description

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.

Metrics

CVSS 3.1

5.9/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

3.10%

86.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	< 5.7
Redhat	3scale	2.0
Redhat	Openstack	13
Redhat	Virtualization Host	4.0
Redhat	Enterprise Linux	6.0
Redhat	Enterprise Linux	7.0
Redhat	Enterprise Linux	8.0
Redhat	Enterprise Linux Aus	7.4
Redhat	Enterprise Linux Server Tus	7.4
Redhat	Messaging Realtime Grid	2.0
Debian	Debian Linux	8.0
Debian	Debian Linux	9.0
Debian	Debian Linux	10.0
Opensuse	Leap	15.1
Opensuse	Leap	15.2
Canonical	Ubuntu Linux	14.04
Canonical	Ubuntu Linux	16.04
Canonical	Ubuntu Linux	18.04
Canonical	Ubuntu Linux	19.10
Canonical	Ubuntu Linux	20.04

References

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.htmlMailing List, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711Issue Tracking, Patch, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlThird Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
https://usn.ubuntu.com/4411-1/Third Party Advisory
https://usn.ubuntu.com/4412-1/Third Party Advisory
https://usn.ubuntu.com/4413-1/Third Party Advisory
https://usn.ubuntu.com/4414-1/Third Party Advisory
https://usn.ubuntu.com/4419-1/Third Party Advisory
https://www.debian.org/security/2020/dsa-4698Third Party Advisory
https://www.debian.org/security/2020/dsa-4699Third Party Advisory
https://www.openwall.com/lists/oss-security/2020/05/12/2Mailing List, Patch, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.htmlMailing List, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711Issue Tracking, Patch, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00012.htmlThird Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0001/Third Party Advisory
https://usn.ubuntu.com/4411-1/Third Party Advisory
https://usn.ubuntu.com/4412-1/Third Party Advisory
https://usn.ubuntu.com/4413-1/Third Party Advisory
https://usn.ubuntu.com/4414-1/Third Party Advisory
https://usn.ubuntu.com/4419-1/Third Party Advisory
https://www.debian.org/security/2020/dsa-4698Third Party Advisory
https://www.debian.org/security/2020/dsa-4699Third Party Advisory
https://www.openwall.com/lists/oss-security/2020/05/12/2Mailing List, Patch, Third Party Advisory

Timeline

Published: May 22, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-10711?

How severe is CVE-2020-10711?

CVE-2020-10711 has a CVSS score of 5.9/10 (MEDIUM severity). The EPSS model estimates a 3.10% probability of exploitation in the next 30 days.

How do I fix CVE-2020-10711?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-10711?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST