Filtered by vendor Iproute2 Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-1088 | 1 Iproute2 Project | 1 Iproute2 | 2023-02-12 | 3.3 LOW | N/A |
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. | |||||
CVE-2019-20795 | 2 Canonical, Iproute2 Project | 2 Ubuntu Linux, Iproute2 | 2020-09-10 | 2.1 LOW | 4.4 MEDIUM |
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability. |