{"id":"CVE-2020-10751","details":"A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.","modified":"2026-04-11T12:24:06.297213Z","published":"2020-05-26T15:15:10.727Z","related":["ALSA-2020:4431","SUSE-SU-2020:1587-1","SUSE-SU-2020:1599-1","SUSE-SU-2020:1602-1","SUSE-SU-2020:1603-1","SUSE-SU-2020:1604-1","SUSE-SU-2020:1605-1","SUSE-SU-2020:1663-1","SUSE-SU-2020:2027-1","SUSE-SU-2020:2105-1","SUSE-SU-2020:2134-1","SUSE-SU-2020:2152-1","SUSE-SU-2020:2156-1","SUSE-SU-2020:2478-1","SUSE-SU-2020:2487-1","openSUSE-SU-2020:0801-1","openSUSE-SU-2020:0935-1","openSUSE-SU-2021:0242-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"7.0"}]},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0"}]}]},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html"},{"type":"WEB","url":"https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg%40mail.gmail.com/"},{"type":"WEB","url":"https://usn.ubuntu.com/4389-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/4390-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/4391-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/4412-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/4413-1/"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2020/05/27/3"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4698"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4699"},{"type":"ADVISORY","url":"https://www.openwall.com/lists/oss-security/2020/04/30/5"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10751"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"fb73974172ffaaf57a7c42f35424d9aece1a5af6"}],"database_specific":{"source":"REFERENCES"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10751.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/selinuxproject/selinux-kernel","events":[{"introduced":"0"},{"fixed":"3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162"}],"database_specific":{"cpe":"cpe:2.3:a:kernel:selinux:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"5.7"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10751.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"}]}