A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-09-09T14:35:17

Updated: 2024-08-04T06:46:30.814Z

Reserved: 2019-11-27T00:00:00

Link: CVE-2020-1749

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-09T15:15:10.300

Modified: 2024-11-21T05:11:18.210

Link: CVE-2020-1749

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-03-04T01:29:00Z

Links: CVE-2020-1749 - Bugzilla