107 matches found
DEBIAN-CVE-2023-42754
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...
CVE-2023-22024
In the Unbreakable Enterprise Kernel UEK, the RDS module in UEK has two setsockopt2 options, RDSCONNRESET and RDS6CONNRESET, that are not re-entrant. A malicious local user with CAPNETADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 Availability impacts. CVSS Vector:...
UBUNTU-CVE-2023-3610
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. The vulnerability requires CAPNETADMIN to be triggered...
CVE-2023-3610 Use-after-free in Linux kernel's netfilter: nf_tables component
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. The vulnerability requires CAPNETADMIN to be triggered...
Important: kernel
Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash o...
SUSE CVE-2023-31248
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nftchainlookupbyid failed to check whether a chain was active and CAPNETADMIN is in any user or network namespace...
SUSE CVE-2023-35001
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nftbyteorder poorly handled vm register contents when CAPNETADMIN is in any user or network namespace...
DEBIAN-CVE-2023-31248
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nftchainlookupbyid failed to check whether a chain was active and CAPNETADMIN is in any user or network namespace...
UBUNTU-CVE-2023-31248
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nftchainlookupbyid failed to check whether a chain was active and CAPNETADMIN is in any user or network namespace...
kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...
UBUNTU-CVE-2023-32269
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/afnetrom.c, there is a use-after-free because accept is also allowed for a successfully connected AFNETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the...
SUSE CVE-2013-4514
Multiple buffer overflows in drivers/staging/wlags49h2/wlpriv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAPNETADMIN capability and providing a long station-name string, related to the 1...
SUSE CVE-2013-4588
Multiple stack-based buffer overflows in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 2.6.33, when CONFIGIPVS is used, allow local users to gain privileges by leveraging the CAPNETADMIN capability for 1 a getsockopt system call, related to the doipvsgetctl function, or 2 a setsockopt...
SUSE CVE-2016-9793
The socksetsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact by leveraging the CAPNETADMIN...
UBUNTU-CVE-2022-1974
A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAPNETADMIN privilege to leak kernel information...
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
...
CVE-2017-18509
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inetcsklistenstop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue...
kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity
The netlinkdelivertapskb function in net/netlink/afnetlink.c in the Linux kernel, through 4.14.4, does not restrict observations of Netlink messages to a single net namespace, when CONFIGNLMON is enabled. This allows local users to obtain sensitive information by leveraging the CAPNETADMIN...
DEBIAN-CVE-2018-1065
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service NULL pointer dereference by leveraging the CAPNETRAW or CAPNETADMIN capability, related to...
DEBIAN-CVE-2017-12153
A security flaw was discovered in the nl80211setrekeydata function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAPNETADMIN capability and...