Описание
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.7-0ubuntu3.4 |
| devel | not-affected | 2.1-2ubuntu0.22.04.1 |
| esm-infra/bionic | released | 1.7-0ubuntu3.4 |
| esm-infra/focal | released | 2.1-2~ubuntu20.04.2 |
| focal | released | 2.1-2~ubuntu20.04.2 |
| impish | released | 2.1-2ubuntu0.21.10.1 |
| jammy | released | 2.1-2ubuntu0.22.04.1 |
| upstream | pending | 2.2.1 |
Показывать по
Ссылки на источники
EPSS
4.7 Medium
CVSS3
Связанные уязвимости
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was ...
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.
EPSS
4.7 Medium
CVSS3