CVE-2020-36516

Summary

CVE	CVE-2020-36516
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-02-26 04:15:00 UTC
Updated	2023-11-09 14:44:00 UTC
Description	An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

Risk And Classification

Problem Types: CWE-327

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Linux	Linux Kernel	All	All	All	All
Hardware	Netapp	Baseboard Management Controller H300e	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H300e Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H300s	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H300s Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H410c	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H410c Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H410s	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H410s Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H500e	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H500e Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H500s	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H500s Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H610c	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H610c Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H610s	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H610s Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H615c	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H615c Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H700e	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H700e Firmware	-	All	All	All
Hardware	Netapp	Baseboard Management Controller H700s	-	All	All	All
Operating System	Netapp	Baseboard Management Controller H700s Firmware	-	All	All	All
Operating System	Netapp	Bootstrap Os	-	All	All	All
Application	Netapp	Cloud Volumes Ontap Mediator	-	All	All	All
Application	Netapp	E-series Santricity Os Controller	All	All	All	All
Hardware	Netapp	H300e	-	All	All	All
Operating System	Netapp	H300e Firmware	-	All	All	All
Hardware	Netapp	H300s	-	All	All	All
Operating System	Netapp	H300s Firmware	-	All	All	All
Hardware	Netapp	H410c	-	All	All	All
Operating System	Netapp	H410c Firmware	-	All	All	All
Hardware	Netapp	H410s	-	All	All	All
Operating System	Netapp	H410s Firmware	-	All	All	All
Hardware	Netapp	H500e	-	All	All	All
Operating System	Netapp	H500e Firmware	-	All	All	All
Hardware	Netapp	H500s	-	All	All	All
Operating System	Netapp	H500s Firmware	-	All	All	All
Hardware	Netapp	H610c	-	All	All	All
Operating System	Netapp	H610c Firmware	-	All	All	All
Hardware	Netapp	H610s	-	All	All	All
Operating System	Netapp	H610s Firmware	-	All	All	All
Hardware	Netapp	H615c	-	All	All	All
Operating System	Netapp	H615c Firmware	-	All	All	All
Hardware	Netapp	H700e	-	All	All	All
Operating System	Netapp	H700e Firmware	-	All	All	All
Hardware	Netapp	H700s	-	All	All	All
Operating System	Netapp	H700s Firmware	-	All	All	All
Hardware	Netapp	Hci Compute Node	-	All	All	All
Application	Netapp	Solidfire Enterprise Sds Hci Storage Node	-	All	All	All
Application	Netapp	Solidfire Hci Management Node	-	All	All	All

References

Reference	Source	Link	Tags
Off-Path TCP Exploits of the Mixed IPID Assignment \| Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security	MISC	dl.acm.org
CVE-2020-36516 Linux Kernel Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

159741 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9260)
159754 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9274)
159755 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9273)
159760 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9314)
159763 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9313)
160076 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9761)
160210 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-7683)
160270 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-8267)
199560 Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-6001-1)
199568 Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-6013-1)
199577 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6014-1)
240815 Red Hat Update for kernel-rt (RHSA-2022:7444)
240817 Red Hat Update for kernel security (RHSA-2022:7683)
240869 Red Hat Update for kernel-rt (RHSA-2022:7933)
240904 Red Hat Update for kernel security (RHSA-2022:8267)
377124 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0029)
377181 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2022:0022)
390258 Oracle VM Server for x86 Security Update for kernel (OVMSA-2022-0011)
390267 Oracle VM Server for x86 Security Update for kernel (OVMSA-2022-0024)
671734 EulerOS Security Update for kernel (EulerOS-SA-2022-1791)
752502 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2875-1)
752584 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3265-1)
752591 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3274-1)
752592 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3282-1)
752594 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3293-1)
752596 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3291-1)
752615 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3408-1)
752632 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3450-1)
753063 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4617-1)
753167 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3288-1)
753234 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15 SP2) (SUSE-SU-2022:3088-1)
753259 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 2 for SLE 15 SP4) (SUSE-SU-2022:3123-1)
753298 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP1) (SUSE-SU-2022:3061-1)
753310 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2022:3108-1)
753316 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2892-1)
753370 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3609-1)
753448 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 33 for SLE 15 SP1) (SUSE-SU-2022:3064-1)
753465 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2022:3072-1)
940732 AlmaLinux Security Update for kernel (ALSA-2022:7683)
940766 AlmaLinux Security Update for kernel-rt (ALSA-2022:7444)
940798 AlmaLinux Security Update for kernel (ALSA-2022:8267)
940843 AlmaLinux Security Update for kernel-rt (ALSA-2022:7933)
960176 Rocky Linux Security Update for kernel-rt (RLSA-2022:7444)
960184 Rocky Linux Security Update for kernel (RLSA-2022:7683)