RSS   Vulnerabilities for 'Iproute2'   RSS

2020-05-09
 
CVE-2019-20795

CWE-416
 

 
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.

 
2014-02-15
 
CVE-2012-1088

 

 
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script.

 


Copyright 2024, cxsecurity.com

 

Back to Top