CVE-2020-36791

unknown

Published — · Modified —

CVSS v3

—

CVSS v2

—

VIR risk

—

Description

In the Linux kernel, the following vulnerability has been resolved: net_sched: keep alloc_hash updated after hash allocation In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex") I moved cp->hash calculation before the first tcindex_alloc_perfect_hash(), but cp->alloc_hash is left untouched. This difference could lead to another out of bound access. cp->alloc_hash should always be the size allocated, we should update it after this tcindex_alloc_perfect_hash().

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2020-36791

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2020-36791.html

OS impact

OS	Version	Status	Fixed in
sles		affected
debian	bookworm	fixed	`5.5.17-1`
debian	bullseye	fixed	`5.5.17-1`
debian	forky	fixed	`5.5.17-1`
debian	sid	fixed	`5.5.17-1`
debian	trixie	fixed	`5.5.17-1`

References

Verify integrity in audit chain (admin only). AS-IS.