Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-2054

Опубликовано: 08 мая 2019
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

EPSS

Процентиль: 59%
0.00384
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2019-2054

CVSS3: 7.8
ubuntu
больше 6 лет назад

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499

redhat логотип

CVE-2019-2054

CVSS3: 8.4
redhat
почти 7 лет назад

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499

debian логотип

CVE-2019-2054

CVSS3: 7.8
debian
больше 6 лет назад

In the seccomp implementation prior to kernel version 4.8, there is a ...

github логотип

GHSA-qgfr-27qf-f323

CVSS3: 7.8
github
больше 3 лет назад

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499

fstec логотип

BDU:2019-02877

CVSS3: 7.8
fstec
больше 9 лет назад

Уязвимость компонента seccomp ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код

EPSS

Процентиль: 59%
0.00384
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo