Описание
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 4.15.0-2ubuntu1.1 |
| devel | not-affected | |
| eoan | not-affected | 5.2.0-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | released | 4.15.0-2ubuntu1.1 |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
2.1 Low
CVSS2
4.4 Medium
CVSS3
Связанные уязвимости
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ...
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c.
EPSS
2.1 Low
CVSS2
4.4 Medium
CVSS3