Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2019-17056

Published: 01/10/2019 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Linux Kernel

Vulnerability Summary

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel up to and including 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Red Hat: CVE-2019-17056
Impact: Moderate Public Date: 2019-09-20 CWE: CWE-250 Bugzilla: 1758256: CVE-2019-17056 kernel: privile ...
Ubuntu Security Notice: linux, linux-hwe, linux-oem-osp1 vulnerability and regression
Several issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-azure vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerability
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-hwe, linux-oem vulnerability and regression
Several issues were fixed in the Linux kernel ...

References

CWE-276https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a359798b176183ef09efb7a3dc59abad1cc7104https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06bhttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.htmlhttps://seclists.org/bugtraq/2019/Nov/11http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttps://usn.ubuntu.com/4184-1/https://usn.ubuntu.com/4185-1/https://usn.ubuntu.com/4186-1/https://usn.ubuntu.com/4185-2/https://usn.ubuntu.com/4186-2/https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlhttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2019-17056https://usn.ubuntu.com/4184-2/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook