cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Viewer

CVE-2020-26541

Hello,

 

I recently passed the CISSP and became the member of ISC2. 

 

I looked the web site vulnerability.isc2.org and found out that one of the Linux Kernel vulnerability CVE-2020-26541 said:

 

The Linux kernel through 5.8.13 does not properly enforce the.....

 

My question is, the word "through" means this vulnerability only exists in Linux kernel version 5.8.13, or several other versions are also affected?

 

Sorry if this question looks more like a English rather than Security question from a non-native English speaker.

 

Thanks in advance.

 

 

3 Replies
Highlighted
Community Champion

Re: CVE-2020-26541


@Tom_Wang wrote:

 

The Linux kernel through 5.8.13 does not properly enforce the.....

 

My question is, the word "through" means this vulnerability only exists in Linux kernel version 5.8.13, or several other versions are also affected?


I would read that as "kernel versions 5.8.13 and earlier do not properly enforce..".  The more common phasing would be, "fixed in 5.8.14".

Highlighted
Community Champion

Re: CVE-2020-26541

Congrats on the pass.  How on earth was I not culturally aware of vulnerability.isc2.org?!  Thanks for talking about it in the group.

---
I've always said, "There's nothing an agnostic can't do if he really doesn't know whether he believes in anything or not."
Highlighted
Viewer

Re: CVE-2020-26541

I interpret the statement

...Linux kernel through 5.8.13... to mean "up to and including 5.8.13.

 

Stated another way: this CVE-2020-26541 applies to all previous Linux kernel versions and includes version 5.8.13, but not versions higher than 5.8.13.

 

Hope that helps  🙂