CVE-2020-14305

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an out-of-bounds memory write flaw in the Linux kernel's Voice Over IP H.323 connection tracking functionality when handling connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service, and poses a threat to confidentiality, integrity, and system availability. The flaw is also associated with a possible out of bounds write due to a missing bounds check in nf conntrack helper q931 of nf conntrack h323 main.c, which could lead to local escalation of privilege without requiring additional execution privileges or user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.