CVE-2019-17054

CVSS v3.1 3.3 (Low)

CVSS v2.0 2.1 (Low)

EPSS 0.05 % (19^th)

Affected Products 1

Advisories 17

atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.

Weaknesses

CWE-276: Incorrect Default Permissions

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-10-01 14:15:46
(5 years ago)
Updated Date: 2023-11-07 03:06:08
(10 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 5.3.2 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 5.3.2