ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 03:06
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
07 Oct 2022, 01:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject fedora
Canonical ubuntu Linux Canonical Fedoraproject Debian debian Linux Debian |
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2c675dab816278a1724c1e93b384c2f05a11cb31 - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - Mailing List, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Nov/11 - Mailing List, Patch, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4186-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4185-2/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4185-1/ - Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html - Third Party Advisory, VDB Entry | |
References | (UBUNTU) https://usn.ubuntu.com/4184-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4186-2/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html - Mailing List, Third Party Advisory |
04 Jan 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. |
Information
Published : 2019-10-01 14:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-17052
Mitre link : CVE-2019-17052
CVE.ORG link : CVE-2019-17052
JSON object : View
Products Affected
fedoraproject
- fedora
canonical
- ubuntu_linux
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-276
Incorrect Default Permissions