base_sock_create in drivers/isdn/mISDN/socket.c in the...
Low severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 28, 2023
Description
Published by the National Vulnerability Database
Oct 1, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 28, 2023
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
References