vulnerability
Ubuntu: (Multiple Advisories) (CVE-2020-36516): Linux kernel (AWS) vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:M/Au:S/C:N/I:P/A:P) | Feb 26, 2022 | Apr 10, 2023 | Mar 27, 2026 |
Severity
5
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:P)
Published
Feb 26, 2022
Added
Apr 10, 2023
Modified
Mar 27, 2026
Description
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Solutions
ubuntu-upgrade-linux-image-4-4-0-1117-awsubuntu-upgrade-linux-image-4-4-0-1118-kvmubuntu-upgrade-linux-image-4-4-0-1155-awsubuntu-upgrade-linux-image-4-4-0-239-genericubuntu-upgrade-linux-image-4-4-0-239-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-lts-xenial
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.