2 matches found
CVE-2022-29799
CVE-2022-29799 affects networkd-dispatcher. The flaw arises because OperationalState/AdministrativeState are not sanitized, enabling a directory traversal to escape the /etc/networkd-dispatcher base directory. A local attacker could exploit this to escalate privileges or trigger code execution as...
CVE-2022-29800
CVE-2022-29800 describes a TOCTOU race in networkd-dispatcher where there is a window between script discovery and execution. An attacker could replace scripts that networkd-dispatcher believes are owned by root with untrusted ones, enabling local privilege escalation and potentially arbitrary co...