cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Tom_Wang
Viewer

CVE-2020-26541

Hello,

 

I recently passed the CISSP and became the member of ISC2. 

 

I looked the web site vulnerability.isc2.org and found out that one of the Linux Kernel vulnerability CVE-2020-26541 said:

 

The Linux kernel through 5.8.13 does not properly enforce the.....

 

My question is, the word "through" means this vulnerability only exists in Linux kernel version 5.8.13, or several other versions are also affected?

 

Sorry if this question looks more like a English rather than Security question from a non-native English speaker.

 

Thanks in advance.

 

 

3 Replies
denbesten
Community Champion


@Tom_Wang wrote:

 

The Linux kernel through 5.8.13 does not properly enforce the.....

 

My question is, the word "through" means this vulnerability only exists in Linux kernel version 5.8.13, or several other versions are also affected?


I would read that as "kernel versions 5.8.13 and earlier do not properly enforce..".  The more common phasing would be, "fixed in 5.8.14".

ericgeater
Community Champion

Congrats on the pass.  How on earth was I not culturally aware of vulnerability.isc2.org?!  Thanks for talking about it in the group.

-----------
A claim is as good as its veracity.
isc220
Viewer

I interpret the statement

...Linux kernel through 5.8.13... to mean "up to and including 5.8.13.

 

Stated another way: this CVE-2020-26541 applies to all previous Linux kernel versions and includes version 5.8.13, but not versions higher than 5.8.13.

 

Hope that helps  🙂