A flaw was found in the Linux kernel in versions prior to 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
linux linux kernel 5.9.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
netapp solidfire \\& hci management node - |
||
netapp solidfire \\& hci storage node - |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
netapp hci_compute_node_bios - |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 20.04 |