Linux · Linux Kernel · CVE-2020-25211
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.8.8
**Description**
The issue allows local attackers to inject conntrack netlink configuration, potentially overflowing a local buffer. This can cause system crashes or result in the use of incorrect protocol numbers in the `ctnetlink parse tuple filter` function located in `net/netfilter/nf conntrack netlink.c`.
**Recommendations**
For Linux kernel versions prior to 5.8.8, update to version 5.8.8 or later to resolve the issue.