{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T21:44:27.751","vulnerabilities":[{"cve":{"id":"CVE-2020-36791","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-05-07T14:15:28.513","lastModified":"2025-11-10T17:34:55.777","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: keep alloc_hash updated after hash allocation\n\nIn commit 599be01ee567 (\"net_sched: fix an OOB access in cls_tcindex\")\nI moved cp->hash calculation before the first\ntcindex_alloc_perfect_hash(), but cp->alloc_hash is left untouched.\nThis difference could lead to another out of bound access.\n\ncp->alloc_hash should always be the size allocated, we should\nupdate it after this tcindex_alloc_perfect_hash()."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net_sched: mantener alloc_hash actualizado tras la asignación de hash. En el commit 599be01ee567 (\"net_sched: corregir un acceso OOB en cls_tcindex\"), se movió el cálculo de cp->hash antes del primer tcindex_alloc_perfect_hash(), pero se mantuvo intacto. Esta diferencia podría provocar otro acceso fuera de los límites. cp->alloc_hash siempre debe tener el tamaño asignado; debemos actualizarlo después de este tcindex_alloc_perfect_hash()."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.214","versionEndExcluding":"4.4.218","matchCriteriaId":"EA46E804-CC77-4E3E-8EFE-1E0D208F2891"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.214","versionEndExcluding":"4.9.218","matchCriteriaId":"532BFC53-5843-4E9A-9AB3-3898853DD42C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.171","versionEndExcluding":"4.14.175","matchCriteriaId":"26CFC34C-0C30-400B-A805-EBB9AD56155E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.103","versionEndExcluding":"4.19.114","matchCriteriaId":"05AC3490-6BEC-4FB4-9577-02840D73CE90"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.19","versionEndExcluding":"5.4.29","matchCriteriaId":"9253035D-B349-4044-B4B2-0052B6F8AF01"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.3","versionEndExcluding":"5.5.14","matchCriteriaId":"AF089097-DB58-4F52-AC68-3418ADEE10A2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc1:*:*:*:*:*:*","matchCriteriaId":"F5DAF39E-0835-49B4-8221-7FCE81692A4B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc2:*:*:*:*:*:*","matchCriteriaId":"73DFCE15-1BB8-4740-B9CD-57F2DF3EA15D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc3:*:*:*:*:*:*","matchCriteriaId":"7D3107F6-EB44-4C65-AA1B-1E96923F6409"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc4:*:*:*:*:*:*","matchCriteriaId":"DC0C894E-6323-44E5-89DD-8FB6A5C41CAF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc5:*:*:*:*:*:*","matchCriteriaId":"4C76EAC9-C2E6-4B6F-B002-ADBE74DDD794"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc6:*:*:*:*:*:*","matchCriteriaId":"F13B8FBF-E007-4F60-A290-2833B45F8520"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.6:rc7:*:*:*:*:*:*","matchCriteriaId":"CD0276C4-2C60-4C52-AC89-F96DF991B858"}]}]}],"references":[{"url":"https://blog.cdthoughts.ch/2021/03/16/syzbot-bug.html","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Third Party Advisory"]},{"url":"https://git.kernel.org/stable/c/0d1c3530e1bd38382edef72591b78e877e0edcd3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/557d015ffb27b672e24e6ad141fd887783871dc2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9f8b6c44be178c2498a00b270872a6e30e7c8266","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bd3ee8fb6371b45c71c9345cc359b94da2ddefa9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c4453d2833671e3a9f6bd52f0f581056c3736386","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d23faf32e577922b6da20bf3740625c1105381bf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d6cdc5bb19b595486fb2e6661e5138d73a57f454","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://syzkaller.appspot.com/bug?id=ea260693da894e7b078d18fca2c9c0a19b457534","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Issue Tracking"]}]}}]}