SUSE CVE-2019-20795

🗓️ 15 Feb 2023 04:05:14Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

SUSE CVE-2019-20795: iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name when setuid is used.

Reporter	Title	Published	Views	Family All 40
AlpineLinux	CVE-2019-20795	9 May 202020:16	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в iproute2	3 May 202623:59	–	astralinux
Cloud Foundry	USN-4357-1: IPRoute vulnerability \| Cloud Foundry	24 Jun 202000:00	–	cloudfoundry
CNVD	iproute2 resource management error vulnerability	11 May 202000:00	–	cnvd
CVE	CVE-2019-20795	9 May 202020:16	–	cve
Cvelist	CVE-2019-20795	9 May 202020:16	–	cvelist
Debian CVE	CVE-2019-20795	9 May 202020:16	–	debiancve
Tenable Nessus	EulerOS 2.0 SP5 : iproute (EulerOS-SA-2022-1327)	21 Mar 202200:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.6.6 : iproute (EulerOS-SA-2022-2507)	9 Oct 202200:00	–	nessus
Tenable Nessus	GLSA-202008-06 : iproute2: Denial of service	10 Aug 202000:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	12.5	any	iproute2	4.12-16.6.1	iproute2-4.12-16.6.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.5	any	iproute2	4.12-16.6.1	iproute2-4.12-16.6.1.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	libnetlink-devel	4.12-16.6.1	libnetlink-devel-4.12-16.6.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.5	any	libnetlink-devel	4.12-16.6.1	libnetlink-devel-4.12-16.6.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2019-20795
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1171452
lists	www.lists.suse.com/pipermail/sle-security-updates/2021-October/009603.html

07 Jun 2026 05:22Current

7High risk

Vulners AI Score7

CVSS 3.14.4

EPSS0.00403

iproute2 use after free network namespace setuid