Published: 02/10/2020 Updated: 05/10/2020

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 6.5 | Impact Score: 5.9 | Exploitability Score: 0.6

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

The Linux kernel up to and including 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...

The Linux kernel does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism This affects certs/blacklistc and certs/system_keyringc ...

NVD-CWE-Other https://lkml.org/lkml/2020/9/15/1871 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-004.html

CVE-2020-26541

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect