Home

CVE-2020-14305

Description

An out-of-bounds memory write flaw was found in how the Linux kernels Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Risk Information

Base Score
8.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.048

Associated Vulnerability

VulnerabilityOS Platform
Kernel-uek update (ELSA-2021-9002) kernel-uek-4.1.12-124.46.3.el6uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2021-9002) kernel-uek-debug-4.1.12-124.46.3.el6uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2021-9002) kernel-uek-debug-devel-4.1.12-124.46.3.el6uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2021-9002) kernel-uek-devel-4.1.12-124.46.3.el6uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2021-9002) kernel-uek-doc-4.1.12-124.46.3.el6uek.noarch.rpmLinux
Kernel-uek-firmware update (ELSA-2021-9002) kernel-uek-firmware-4.1.12-124.46.3.el6uek.noarch.rpmLinux
Kernel-uek update (ELSA-2021-9002) kernel-uek-4.1.12-124.46.3.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2021-9002) kernel-uek-debug-4.1.12-124.46.3.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2021-9002) kernel-uek-debug-devel-4.1.12-124.46.3.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2021-9002) kernel-uek-devel-4.1.12-124.46.3.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2021-9002) kernel-uek-doc-4.1.12-124.46.3.el7uek.noarch.rpmLinux
Kernel-uek-firmware update (ELSA-2021-9002) kernel-uek-firmware-4.1.12-124.46.3.el7uek.noarch.rpmLinux
CVE-2020-14305NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234