3.3

CVE-2019-17055

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 5.3.2
DebianDebian Linux Version8.0
FedoraprojectFedora Version29
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version16.04 SwEditionesm
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version19.04
OpensuseLeap Version15.0
OpensuseLeap Version15.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.412
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
Third Party Advisory
Mailing List
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
Third Party Advisory
VDB Entry
https://seclists.org/bugtraq/2019/Nov/11
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
Third Party Advisory
Mailing List
https://usn.ubuntu.com/4184-1/
Third Party Advisory
https://usn.ubuntu.com/4185-1/
Third Party Advisory
https://usn.ubuntu.com/4186-1/
Third Party Advisory
https://usn.ubuntu.com/4186-2/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html
Third Party Advisory
Mailing List
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/
https://usn.ubuntu.com/4185-2/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0790
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b91ee4aa2a2199ba4d4650706c272985a5a32d80
Patch
Vendor Advisory