kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel, through 4.14.4, does not restrict observations of Netlink messages to a single net namespace, when CONFIG_NLMON is enabled. This allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN...
UBUNTU-CVE-2018-1065
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to...
PT-2018-10028 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.15.7 Description: The netfilter subsystem in the Linux kernel mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service NULL...
UBUNTU-CVE-2017-12153
A security flaw was discovered in the nl80211_set_rekey_data function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and...
The vulnerability of the sock_setsockopt function in the kernel of the Linux operating system’s net/core/sock.c file allows a hacker to cause a service failure or exert other effects.
The vulnerability of the sock_setsockopt function in the kernel’s net/core/sock.c file in the Linux operating system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a local attacker to cause a service failure or other adverse...
UBUNTU-CVE-2012-6704
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN...
PT-2016-7822 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8.14 Description: The issue is related to the mishandling of negative values of sk_sndbuf and sk_rcvbuf by the sock_setsockopt function in the Linux kernel. This can be exploited by local users with the CAP_NE...
UBUNTU-CVE-2016-7917
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service infinite loop or out-of-bounds...
Kernel: SELinux: local denial-of-service
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context...
kernel: crypto: info leaks in report API
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMI...
DEBIAN-CVE-2013-2548
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the...
DEBIAN-CVE-2012-6538
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace
net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: netfilter: ebtables: enforce CAP_NET_ADMIN
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traff...
security flaw
Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-re...