ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 03:06
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-10-01 14:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-17052
Mitre link : CVE-2019-17052
CVE.ORG link : CVE-2019-17052
JSON object : View
Products Affected
linux
- linux_kernel
fedoraproject
- fedora
canonical
- ubuntu_linux
debian
- debian_linux
CWE
CWE-276
Incorrect Default Permissions