Lucene search
K

269 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.6 views

SUSE CVE-2010-3850

The ecdevioctl function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2 does not require the CAPNETADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call...

2.1CVSS6.4AI score0.00801EPSS
Exploits11References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.3 views

SUSE CVE-2011-2517

Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAPNETADMIN capability during scan operations with a long SSID value...

7.2CVSS6.8AI score0.00377EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-4112

The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFFTXSKBSHARING flag, which allows local users to cause a denial of service panic by leveraging the CAPNETADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction wit...

5.5CVSS4.8AI score0.00468EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.6 views

SUSE CVE-2012-6536

net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability and providing a 1 new or 2...

2.1CVSS5.9AI score0.0037EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.4 views

SUSE CVE-2012-6704

The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact by leveraging the CAPNETADMIN...

6.7CVSS6.7AI score0.00412EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.5 views

SUSE CVE-2013-1826

The xfrmstatenetlink function in net/xfrm/xfrmuser.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dumponestate function calls, which allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by leveraging the...

6.2CVSS6.6AI score0.00514EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.4 views

SUSE CVE-2013-1827

net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by leveraging the CAPNETADMIN capability for a certain 1 sender or 2 receiver getsockopt call...

6.2CVSS6.5AI score0.0048EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.2 views

SUSE CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...

2.1CVSS5.7AI score0.00386EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.5 views

SUSE CVE-2013-2547

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS5.3AI score0.00388EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4343

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call...

6.9CVSS6.7AI score0.00355EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.4 views

SUSE CVE-2013-4514

Multiple buffer overflows in drivers/staging/wlags49h2/wlpriv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAPNETADMIN capability and providing a long station-name string, related to the 1...

4.7CVSS6.9AI score0.00587EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.5 views

SUSE CVE-2013-4588

Multiple stack-based buffer overflows in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 2.6.33, when CONFIGIPVS is used, allow local users to gain privileges by leveraging the CAPNETADMIN capability for 1 a getsockopt system call, related to the doipvsgetctl function, or 2 a setsockopt...

7CVSS6.8AI score0.00399EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.4 views

SUSE CVE-2016-9793

The socksetsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact by leveraging the CAPNETADMIN...

7.8CVSS8AI score0.01566EPSS
Exploits8References15
SUSE CVE
SUSE CVE
added 2023/02/15 4:48 a.m.3 views

SUSE CVE-2017-7184

The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...

7.8CVSS6AI score0.01798EPSS
Exploits4References37
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17448

net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net namespaces...

5.7CVSS7.3AI score0.00372EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.10 views

SUSE CVE-2017-17449

The netlinkdelivertapskb function in net/netlink/afnetlink.c in the Linux kernel through 4.14.4, when CONFIGNLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAPNETADMIN...

4.3CVSS7.2AI score0.00436EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.7 views

SUSE CVE-2018-1065

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service NULL pointer dereference by leveraging the CAPNETRAW or CAPNETADMIN capability, related to...

5.9CVSS5.9AI score0.00423EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.11 views

SUSE CVE-2022-1974

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAPNETADMIN privilege to leak kernel information...

6.8CVSS5.8AI score0.00142EPSS
Exploits0References32
Positive Technologies
Positive Technologies
added 2023/01/30 12:0 a.m.20 views

PT-2023-2760 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.11 Description: The issue is related to the implementation of the NET/ROM network protocol in the Linux kernel. It involves a use-after-free error in the af netrom.c module, specifically in the nr release...

10CVSS6.2AI score0.93838EPSS
Exploits246References1414
OSV
OSV
added 2022/06/06 12:0 a.m.7 views

UBUNTU-CVE-2022-1974

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAPNETADMIN privilege to leak kernel information...

4.1CVSS6.6AI score0.00142EPSS
Exploits0References13
Rows per page
Query Builder