Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-0181

Опубликовано: 27 апр. 2014
Источник: nvd
CVSS2: 2.1
EPSS Низкий

Описание

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 3.14.1 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:*:*:*:*:*:*:*

EPSS

Процентиль: 6%
0.00027
Низкий

2.1 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2014-0181

ubuntu
около 11 лет назад

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

redhat логотип

CVE-2014-0181

redhat
около 11 лет назад

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

debian логотип

CVE-2014-0181

debian
около 11 лет назад

The Netlink implementation in the Linux kernel through 3.14.1 does not ...

github логотип

GHSA-759j-fmr2-pgj3

github
около 3 лет назад

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

oracle-oval логотип

ELSA-2014-1959

oracle-oval
больше 10 лет назад

ELSA-2014-1959: kernel security and bug fix update (MODERATE)

EPSS

Процентиль: 6%
0.00027
Низкий

2.1 Low

CVSS2

Дефекты

CWE-264