2 matches found
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets bypassing security mechanisms aka CID-26896f01467a.
...
CVE-2020-26088
A missing capabilities check when creating NFC raw sockets could be used by local attackers to create raw sockets, bypassing security mechanisms allowing them to create or listen to NFC communication frames. Mitigation As the nfc module will be auto-loaded when required, its use can be disabled b...