Описание
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:1.22.0-15ubuntu1 |
| bionic | not-affected | 1:1.22.0-15ubuntu1 |
| cosmic | not-affected | 1:1.22.0-15ubuntu1 |
| devel | not-affected | 1:1.22.0-15ubuntu1 |
| disco | not-affected | 1:1.22.0-15ubuntu1 |
| eoan | not-affected | 1:1.22.0-15ubuntu1 |
| esm-infra-legacy/trusty | released | 1:1.21.0-1ubuntu1.4 |
| esm-infra/bionic | not-affected | 1:1.22.0-15ubuntu1 |
| esm-infra/focal | not-affected | 1:1.22.0-15ubuntu1 |
| esm-infra/xenial | not-affected | 1:1.22.0-15ubuntu1 |
Показывать по
2.1 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 ...
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
2.1 Low
CVSS2
5.5 Medium
CVSS3