Описание
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
Ссылки
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
4.4 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ...
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c.
EPSS
4.4 Medium
CVSS3
2.1 Low
CVSS2