15 matches found
Siemens SIMATIC S7-1500 Use After Free (CVE-2019-20795)
iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors such as C library...
Linux Distros Unpatched Vulnerability : CVE-2019-20795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, althou...
RHEL 7 : iproute (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iproute: use-after-free in getnetnsidfromname in ip/ipnetns.c CVE-2019-20795 Note that Nessus has not tested for th...
EulerOS Virtualization 3.0.6.6 : iproute (EulerOS-SA-2022-2507)
According to the versions of the iproute package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to...
EulerOS 2.0 SP5 : iproute (EulerOS-SA-2022-1327)
According to the versions of the iproute package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of...
Huawei EulerOS: Security Advisory for iproute (EulerOS-SA-2022-1327)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : iproute2 (SUSE-SU-2021:3452-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3452-1 advisory. - CVE-2019-20795: Fixed a use-after-free vulnerability in getnetnsidfromname. bsc1171452 Tenable has extracted the preceding...
SUSE-SU-2021:3452-1 Security update for iproute2
This update for iproute2 fixes the following issues: - CVE-2019-20795: Fixed a use-after-free vulnerability in getnetnsidfromname. bsc1171452...
USN-4357-1: IPRoute vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that IPRoute incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. CVEs contained in this USN include: CVE-2019-20795. Affected Cloud...
Photon OS 3.0: Iproute2 PHSA-2020-3.0-0091
An update of the iproute2 package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0091. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136698;...
Ubuntu: Security Advisory (USN-4357-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-20795
iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors such as C library...
DEBIAN-CVE-2019-20795
iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors such as C library...
CVE-2019-20795
CVE-2019-20795 affects iproute2 up to version 5.0.x, with a use-after-free in get_netnsid_from_name() (ip/ipnetns.c). The issue is triggered in the net namespace handling and is the likely root cause of a local-use-after-free condition. The CVE describes the vulnerability as a use-after-free in g...
CVE-2019-20795
iproute2 before 5.1.0 has a use-after-free in getnetnsidfromname in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors such as C library...