Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2020/02/19 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-4284-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.06623EPSS
Exploits9References2
UbuntuCve
UbuntuCve
added 2019/12/17 8:15 p.m.45 views

CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

7.8CVSS6.8AI score0.01087EPSS
Exploits2References8
CVE
CVE
added 2019/12/17 7:2 p.m.143 views

CVE-2019-19241

CVE-2019-19241 affects the Linux kernel prior to 5.4.2 where the io_uring path can cause requests to appear with UID 0 and full capabilities due to IORING_OP_SENDMSG handling by kernel worker threads in contexts from unprivileged users. Affected code paths include fs/io-wq.c, fs/io_uring.c, and n...

7.8CVSS7.2AI score0.01087EPSS
Exploits2References6Affected Software1
Debian CVE
Debian CVE
added 2019/12/17 7:2 p.m.37 views

CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

7.8CVSS7.4AI score0.01087EPSS
Exploits2
Rows per page
Query Builder