5 matches found
CVE-2019-17055
CVE-2019-17055 affects the Linux kernel up to 5.3.2, where base_sock_create in drivers/isdn/mISDN/socket.c did not enforce CAP_NET_RAW, allowing unprivileged users to create a raw socket via AF_ISDN. The issue is tracked with CID CID-b91ee4aa2a21 and was addressed in upstream kernel commits 0edc3...
CVE-2019-17053
CVE-2019-17053 affects the Linux kernel's ieee802154_create in net/ieee802154/socket.c (AF_IEEE802154) up to version 5.3.2, where CAP_NET_RAW is not enforced. This allows unprivileged users to create a raw socket (local, low complexity). The connected documents reiterate the same description but ...
CVE-2019-17056
CVE-2019-17056 affects the Linux kernel AF_NFC implementation (llcp_sock_create in net/nfc/llcp_sock.c). Description: it does not enforce CAP_NET_RAW, allowing unprivileged users to create a raw socket. Root cause: missing capability check in llcp_sock_create. Impact: enables local privilege-rest...
CVE-2019-17054
CVE-2019-17054 affects the Linux kernel (AF_APPLETALK) where atalk_create does not enforce CAP_NET_RAW through 5.3.2, allowing unprivileged users to create raw sockets. Exploitation status and exact fixes are not provided in the supplied documents; no mitigation details are described here.
CVE-2019-17052
CVE-2019-17052 affects Linux kernel 3.16–5.3.2 where several AF_NET_RAW-bound protocols (AX.25) do not enforce CAP_NET_RAW in socket creation, allowing unprivileged users to create raw sockets. Related entries mention additional interfaces (IEEE802.154, Appletalk, ISDN, NFC) with the same CAP_NET...