Unrated severityNVD Advisory· Published Oct 1, 2019· Updated Aug 5, 2024
CVE-2019-17052
CVE-2019-17052
Description
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
Affected products
11- Linux/Linux kerneldescription
- osv-coords10 versionspkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/ocfs2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2011%20SP4
< 3.0.101-108.108.1+ 9 more
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 3.0.101-108.108.1
- (no CPE)range: < 1.6-0.28.11.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/mitrevendor-advisoryx_refsource_FEDORA
- usn.ubuntu.com/4184-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/4185-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/4185-2/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/4186-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/4186-2/mitrevendor-advisoryx_refsource_UBUNTU
- packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlmitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/mitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlmitremailing-listx_refsource_MLIST
- lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlmitremailing-listx_refsource_MLIST
- seclists.org/bugtraq/2019/Nov/11mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.